Principal Engineer Cloud Security Job in Acuity Knowledge Partners
Principal Engineer Cloud Security
- Gurgaon, Haryana
- Not Disclosed
- Full-time
- Permanent
Education/ Experience and Skill Requirement
-
Bachelor Degree in Engineering or Equivalent area of study Relevant certifications such AWS Certified Cloud Practitioner preferred, AWS Certified Security Specialty must, Certified Cloud Security Professional preferred, CISSP, CISA, CISM anyone is must, ISO 27001 LA/LI preferred.
Minimum 8+ years of experience in IT industry in relevant area, with at least 5 years of progressive experience in Information Security.
At least 1 or 2years experience working in AWS or Azure cloud security and security automation in the cloud.
Hands-on experience in applying security to cloud technologies such as managing secrets, securing AWS resources, securing CI/CD pipeline, securing infrastructure as code (terraform), container security, security groups, AWS Forensic processes.
At least 1 year experience working in Palo Alto PRISMA Cloud Enterprise Consoles, cloud based logging and SIEM solutions.
At least 1year of experience working in CASB, DLP implementation and maintenance programs.
At least 1year experience of working in a client servicing model where security, risk and compliance role was served by the candidate as a lead.
Worked on controls based on ITIL, ISO 20000, ISO 27001, PCI DSS, CSA, CIS, NIST, GDPR, Mitre Threat framework and relevant standards.
Responsibilities
-
Technically sound to review ITGC controls specific to cloud environment (AWS/Azure).
-
Should be able to recommend secure configurations for the cloud platforms and advise the teams for remediation.
-
Knowledge of secure cloud architecture, SaaS platform security, email security, PRISMA Cloud and recommend the operations team of security improvements. Should be able to review the Acuity bespoke BEAT applications commissioning requests from risk and privacy perspective and complying with Acuity Cloud configuration policies, recommend operations team for control compliance and track deviations.
-
Monitoring system compliance with the Cloud security framework for controls, levels of access and recommend improvements.
-
Knowledge of CI/CD integrations to automate security initiatives.
-
Coordinating investigations and reporting of security incidents related to network, systems and applications. Build simulation use cases for the incident scenarios to raise awareness in the teams.
-
Expert or sound knowledge of CASB, and cloud based logging and SIEM solutions to advice operations team for control implementation and improvements.
-
Experience of implementing and running DLP program. Review DLP violations, fine tune DLP policies and remove noise.
-
Experience in building scenarios for Threat Hunting and Threat Modeling. Engage with department stakeholders to implement Threat Hunting and Threat Modeling defenses based industry benchmark such as Mitre and others.
-
Monitor, investigate and track to closure the alerts from these monitoring tools.
-
Sound knowledge of forensic investigation processes for Cloud environments such as AWS/Azure and regular Data Center operations and help in setting up a forensic investigation process from scratch or improve the existing forensic investigation processes.
Fresher
2 - 4 Hires