you will work on a diverse domain of information security across the organisation, most importantly infrastructure and data security
own the cloud security posture management program and concentrate efforts on continuous improvement of the cloud security configurations aligned to global standards like NIST 800- 53, ISO 27001, Cloud Security Alliance, etc.
engineer and uplift adoption of PaaC (Policy as a Code) to continuous monitoring of risk configurations changes.
be responsible for identifying security issues (external as well as internal), help stakeholders to mitigate and at frequent occasions build a solution around some of the complex problem statements implement/maintain security for cloud-based systems/applications in AWS
conduct security design/infrastructure reviews, security architecture reviews
translate product requirements into threat models and identifying privacy issues and data leaks
contribute to the building, operating and maintaining of the cloud security infrastructure to improve prevent, detect and response capabilities.
build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems.
automate infrastructure security and develop/implement security automation to solve manual effort on a day-day basis
build in-house security frameworks to establish a state of art security culture inside tech
assist with creating security awareness and maintaining prudent security engineering culture within an organisation
enable compliance in teams and help them achieve some of the industry’s best practices (e.g. PCI DSS, ISO 27001)
You should apply if you have:
2-9 years of experience in information security
proficiency in one or more of the programming languages (python, golang, bash)
a good understanding of cloud security and a background of working with AWS Security
the experience to perform automation using Terraform/Ansible/Docker/Kubernetes, and any one CI tools (e.g. Jenkins, CodePipeline, etc.)
an understanding of concepts like Zero Trust Architecture, defence in depth, SASE.
the ability to build packages from source code and secure Linux kernel.
knowledge on eBPF, AppArmour, seccomp, and/or SElinux at scale.
the drive to influence organisations and stakeholders by practising data-driven approach
a GitHub profile, blog or a conference presentation
the ability to be a go-to person and communicate effectively with stakeholders (engineers,
product, business teams)
the zeal to be proactive in keeping yourself updated with security
news/issues/breaches/tools/blogs on the internet Skills:- Cyber Security, Information security, Amazon Web Services (AWS), PCI DSS, ISO/IEC 27001:2005, Programming, Automation and Cloud security
Sign up for our newsletter to stay up to date with new jobs posted on Profilehunt
Please confirm your email address once you subscribe.