Principal Consultant Lead Cloud Security Engineer – Management Plane (L2L3 SME)

Hyderabad - India

Monthly Salary: Not Disclosed

Posted on: 16 hours ago

Vacancies: 1 Vacancy

Job Summary

Ready to build the future with AI
At Genpact we dont just keep up with technologywe set the pace. AI and digital innovation are redefining industries and were leading the charge. Genpacts AI Gigafactory our industry-first accelerator is an example of how were scaling advanced technology solutions to help global enterprises work smarter grow faster and transform at scale. From large-scale models to agentic AI our breakthrough solutions tackle companies most complex challenges.
If you thrive in a fast-moving innovation-driven environment love building and deploying cutting-edge AI solutions and want to push the boundaries of whats possible this is your moment.
Genpact (NYSE: G) is an advanced technology services and solutions company that delivers lasting value for leading enterprises globally. Through our deep business knowledge operational excellence and cutting-edge solutions we help companies across industries get ahead and stay ahead. Powered by curiosity courage and innovation our teams implement data technology and AI to create tomorrow today. Get to know us at and on LinkedIn X YouTube and Facebook.

Inviting applications for the role of Principal Consultant - Lead Cloud Security Engineer Management Plane (L2/L3 SME)

Responsibilities
Cloud Security Platform Operations
Operate and maintain Microsoft Defender for Cloud in accordance with Client policies.
Monitor cloud security posture and remediate configuration issues as directed.
Administer Defender for Cloud Apps to monitor SaaS application security controls.
Maintain Azure native security controls within defined scope.
Access Governance & Least Privilege Enforcement
Perform periodic permissions reviews for cloud subscriptions and SaaS applications.
Implement custom RBAC roles as directed by approved design.
Administer Privileged Identity Management (PIM) workflows.
Monitor privileged access assignments and enforce approval policies.
Support remediation of excessive permissions identified through reviews.
SaaS Security Operations
Monitor SaaS application access and security posture via Defender for Cloud Apps.
Support implementation of access control and session control mechanisms where applicable.
Investigate cloud application access anomalies and escalate when necessary.
Vulnerability & Exposure Coordination (Operational Scope)
Support vulnerability scanning coordination where cloud assets are in scope.
Assist in remediation tracking and validation of security posture findings.
Coordinate with infrastructure or application teams for remediation closure.
E. Service Request & Change Management
Fulfill cloud security-related service requests within SLA.
Execute approved configuration changes following Client change control processes.
Validate changes post-implementation and document testing evidence.
Coordinate changes with IAM Network and Data Security teams where dependencies exist.
Incident & Problem Management
Participate in cloud security incident investigations.
Provide technical inputs for RCA documentation.
Support restoration procedures during cloud security control disruptions.
Identify recurring misconfiguration patterns and propose corrective actions via formal channels.
Audit Logging & Compliance Support
Maintain sufficient operational artifacts to support audit requirements.
Support requests for information/evidence for compliance certifications.
Ensure relevant cloud security logs are available for SIEM ingestion where directed.
Maintain updated SOPs and configuration documentation.
Provide inputs for monthly service performance reporting.
Explicit Role Boundaries
This role does not own cloud architecture design or cloud migration strategy.
Infrastructure-as-Code engineering and DevSecOps transformation ownership are out of scope.
Strategic cloud security framework decisions remain with Client governance.

Qualifications we seek in you!
Minimum Qualifications
Bachelors degree in Computer Science Information Security or equivalent experience.
Preferred certifications:
Microsoft Azure Security Engineer (AZ-500)
CISSP (preferred but not mandatory)
Experience in regulated enterprise environments preferred.

Preferred Qualifications/ Skills
Good years of exp on enterprise security engineering experience.
Strong hands-on operational expertise in:
Microsoft Defender for Cloud
Microsoft Defender for Cloud Apps (CASB)
Azure native security controls
Privileged Identity Management (PIM)
Azure RBAC configuration and governance
Experience performing:
Cloud permissions reviews
Access monitoring and entitlement validation
Least-privilege enforcement
SaaS security configuration monitoring
Familiarity with vulnerability management concepts (Qualys integration awareness).
Experience supporting regulated enterprise environments.
Strong understanding of formal Change Management processes.
Familiarity with log forwarding and SIEM ingestion (operational level).

Why join Genpact
Lead AI-first transformation Build and scale AI solutions that redefine industries
Make an impact Drive change for global enterprises and solve business challenges that matter
Accelerate your careerGain hands-on experience world-class training mentorship and AI certifications to advance your skills
Grow with the best Learn from top engineers data scientists and AI experts in a dynamic fast-moving workplace
Committed to ethical AI Work in an environment where governance transparency and security are at the core of everything we build
Thrive in a values-driven culture Our courage curiosity and incisiveness - built on a foundation of integrity and inclusion - allow your ideas to fuel progress
Come join the 140000 coders tech shapers and growth makers at Genpact and take your career in the only direction that matters: Up.
Lets build tomorrow together.

Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race color religion or belief sex age national origin citizenship status marital status military/veteran status genetic information sexual orientation gender identity physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values respect and integrity customer focus and innovation.
Furthermore please do note that Genpact does not charge fees to process job applications and applicants are not required to pay to participate in our hiring process in any other way. Examples of such scams include purchasing a starter kit paying to apply or purchasing equipment or training.

Required Experience:

Staff IC