Application Link

About us

Job Description

Who are we

• Azure DevOps Azure Kubernetes Service Docker Active Directory (Microsoft Entra)
• Azure IAM and managed identity Virtual network VM Scale Set App Service Cosmos
• Azuer MySQL Scripting (PowerShell Python Bash)
• Azure Security Security Documentation Security Compliance
• AKS Blob Storage Azure functions Virtual Machines Azure SQL
• AWS IAM EC2 EKS Lambda ECS Route53 Cloudformation Cloudfront S3
• GCP GKE Compute Engine App Engine SCC
• Kubernetes Linux Docker & Microservices Architecture
• Terraform & Terragrunt
• Jenkins & Argocd
• Ansible Vault Vagrant SaltStack
• CloudFront Apache Nginx Varnish Akamai
• Mysql Aurora Postgres AWS RedShift MongoDB
• ElasticSearch Redis Aerospike Memcache Solr
• ELK Fluentd Elastic APM & Prometheus Grafana Stack
• Java (Spring/Hibernate/JPA/REST) Nodejs Ruby Rails Erlang Python

• You will play a key role in defining and implementing robust security measures contributing directly to the overall security posture of our organization.
• Get handson experience with leading cloud platforms such as AWS GCP and Azure ensuring you stay at the forefront of technology advancements in the rapidly evolving field of cloud security.
• Engage in regular security assessments and audits honing your skills in identifying vulnerabilities and developing effective mitigation strategies.
• Gain experience with opensource tools such as OWASP ZAP furthering your expertise in application security and securing against OWASP Top 10 vulnerabilities.
• Actively contribute to fostering a culture of security awareness across the organization making a lasting impact on our overall security mindset.

Requirements

Apply if you have

• Strong knowledge of networking protocols and security architecture.
• Implemented and maintained robust security measures for IT and cloudbased infrastructure.
• Conducted regular security assessments and audits to identify vulnerabilities and risks.
• Collaborated with crossfunctional teams to ensure security best practices are integrated into the development lifecycle.
• Developed and enforced security policies standards and procedures.
• Proficiency in conducting VAPT using industrystandard tools to identify and remediate security vulnerabilities.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) or Offensive Security Certified Professional (OSCP) is a plus.
• Conducted security awareness programs and training sessions for clients & for internal employees. Kept the team informed about the latest cybersecurity trends threats and technologies.
• Handson experience with some of the following:
• DevSecOps: Implement various tools and technologies for SAST DAST image scanning container scanning Kubernetes manifests files Terraform scripts with different CI/CD tools like Github/Gitlab
• SIEM and SecOps: Setting up security operations centre with ELK Splunk etc and helping clients with realtime security monitoring and threat modelling
• Application Security: Web Application Firewall (AWS & CloudFlare)
• Cloud Security: Cloud Governance SCP Policies IAM Policies AWS Security Hub Azure Security Center Google Cloud Security Command Center
• Vulnerability Assessment and Penetration Testing (VAPT): Nessus Qualys Burp Suite Metasploit
• Security Policy Governance & Compliance: ISMS (ISO/IEC 27001) NIST Cybersecurity Framework CIS Controls
• Incident Response and Management: Develop and execute incident response plans to address security incidents promptly and Collaborate with crossfunctional teams to investigate and resolve security incidents.
• Opensource Tools: OWASP ZAP (Zed Attack Proxy) Security Onion Snort
• Familiarity with OWASP Top 10 vulnerabilities and mitigation strategies
• Implementing solutions for DLP IPS/IDS for SoC2 and other compliances

security,cloud,technology,devops,cloud security,architecture,azure,aws,vapt,ccsp,cissp,oscp,owasp,owasp top ten,information security governance,compliance