TC-CS-CDR-Cloud Security Specialist-Senior

Job Title: Senior Cloud Security Specialist

Role Overview:

The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies incident response and forensic investigation. The SME will collaborate with Security Engineering & Architecture CSOC and governance teams to ensure a resilient and compliant cloud security posture.

Key Responsibilities:

• Threat Detection & Investigation
• Deploy and optimize cloud-native and third-party threat detection platforms (e.g. AWS GuardDuty Azure Defender GCP SCC).
• Investigate alerts using telemetry behavioral analytics and AI/ML-based anomaly detection.
• Align detection logic with MITRE ATT&CK NIST SP 800-53 and CSA CCM frameworks
• Rule Creation & CNAPP Integration
• Author and tune detection rules leveraging CNAPP platforms (e.g. Wiz Prisma Cloud Orca).
• Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response
• Mitigation Strategy Development
• Design and implement dynamic playbooks for threat containment and remediation.
• Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines.
• Incident Response & Forensics
• Lead incident triage and root cause analysis across cloud environments.
• Conduct forensic investigations using cloud-native tools and third-party platforms.
• Document findings and contribute to post-incident reviews and continuous improvement
• Security Architecture & Governance
• Provide guidance on secure cloud architecture access controls and data protection.
• Ensure compliance with ISO 27001 HIPAA GDPR and internal governance policies

Required Skills & Abilities:

• Deep expertise in AWS Azure GCP and OCI cloud security services.
• Hands-on experience with CNAPP platforms (e.g. Wiz Prisma Cloud Orca).
• Proficiency in threat detection rule creation tuning and alert response leveraging tools such as CrowdStrike Wiz Defend AWS GuardDuty etc.
• Respond to Kubernetes and Cloud Container threat alerts (e.g. unusual API invocations) and tune detection rules accordingly
• Strong knowledge of SIEM/SOAR platforms (e.g. Splunk Sentinel Elastic Tines).
• Experience in cloud forensics and incident response workflows.
• Familiarity with infrastructure-as-code (IaC) tools (Terraform CloudFormation).
• Strong analytical investigative and documentation skills.
• Excellent communication and leadership abilities.

Preferred Qualifications:

• 8 years in cybersecurity with 3 years focused on cloud security.
• Certifications: CISSP CCSP AWS Security Specialty Azure Security Engineer GCIH GCIA.
• Experience in a 24x7 SOC or threat management environment.
• Proven track record of mentoring and leading technical teams.