Cloud Security Engineer

Location: Pune

Employment Type: full-time

Job Details

Cloud Security Engineer

Job Description

The Cloud Security Engineer will monitor and manage security controls and threat protection, manage identity and access, and protect data, applications, and networks as part of end-to-end infrastructure.

Responsibilities:

• Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
• Identify and define system security baselines and system requirements.
• Actively assess existing implementations, identifying security issues and prioritizing fixes.
• Design, implement, and manage security controls for our Azure cloud environment, ensuring the confidentiality, integrity, and availability of cloud-based systems and data.
• Provide daily, ongoing security oversight of SecOps operations, to include the security impact of proposed modifications, additions, and technology implementation/refresh operations.
• Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis.
• Understand system security vulnerabilities and associated threats and assess the overall security risks to the system.
• Provide mitigation recommendations to reduce identified security risks.
• Work directly with internal IT staff and customers to establish and enforce IT security best practices, protection objectives, process improvements and effective IT security controls.
• Perform system vulnerability scanning using approved software tools and ability to automate.
• Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize system downtime.
• Serve as the interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation.
• Monitor and recommend improvements; Perform optimization and tuning, as well as ongoing capacity monitoring
• Configure, monitor, and maintain our SIEM platform, developing correlation rules, dashboards, and alerts to detect and respond to security incidents.
• Participate in designing and managing IT Security strategy including both infrastructure and applications.
• Assist with projects involving cloud, operating systems, applications, and database and security issues and requirements.
• Provide expertise and support during internal and external audits, specifically with SOX (Sarbanes-Oxley) and GLBA (Gramm-Leach-Bliley Act) compliance requirements, ensuring security controls meet regulatory standards.
• Implement and manage IAM solutions, including single sign-on (SSO), user provisioning, and role-based access control (RBAC) to ensure appropriate access to systems and data.
• Deploy, manage, and troubleshooting MFA solutions across various platforms to enhance authentication security.
• Configure, maintain, and monitor network firewalls, intrusion detection/prevention systems (IDS/IPS), and other network security devices.
• Other duties and/or responsibilities not specifically set above may be assigned as needed.

Requirements:

• Bachelor’s degree or equivalent in Computer Science, Information Systems Management, Information Technology or other related discipline preferred.
• 5-7 years’ experience as a Security Engineer supporting Windows-based environments.
• Experience and understanding of security tools (Vulnerability Management, Endpoint Protection, etc.)
• Familiar with baseline hardening methodology and standards.
• Knowledge of networking architecture, operations, security, automation and orchestration.
• Possess clear understanding of security protocols and standards and have experience with security architecture.
• Experience in cloud technology
• Experience with identity and access