The Job logo

What

Where

Sign in

Cloud Security Engineer II

ApplyJoin for More Updates

You must Sign In before continuing to the company website to apply.

Smart SummaryPowered by Roshi
This role is part of the Information Security Team in Zeta's Engineering division. We are looking for a Cloud Security engineer to secure and automate our environment, set processes, and guide developers and DevOps teams. Your responsibility includes hardening infrastructure, threat management, and ensuring the security of our applications. Join us in making Zeta applications and infrastructure secure!

Where is this role

  • This role is part of the Information Security Team, Engineering division of Zeta. The Cloud Security engineer is responsible for creating the securing and automating the environment, coming up with project roadmap, setting processes in place, creating CI/CD roadmap etc. Guide Developers and DevOps teams about new threats and help harden infrastructure and applications from various attacks as needed. The objective is to make zeta applications and infrastructure secure.

What does the sub-division do?

  • Responsible for entire security of Zeta’s Tech stack (Cloud & On-prem)
  • Perform regular VA/PT for Web, Network and Mobile applications
  • Integrate security testing tools (SAST, DAST) in to CI/CD pipelines
  • Regular code reviews, involve in application design discussions
  • Perform Threat Modelling of Web/Mobile applications
  • Cloud Security Assessment & Automation
  • Write organizational level Infosec policies, review policies
  • Educate everyone at Zeta on Infosec best practices like secure coding, secure data handling, secure networking, secure crypto implementation etc.

What are your responsibilities?

  • Implement cloud security initiatives for entire organization Improve Cloud security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
  • Prepare and present reports of Vulnerability Assessment, Automation, Penetration Testing etc.
  • Oversee the planning and coordination of Cloud security Deploy, Maintain and Support Log Aggregation, Vulnerability and Threat Detection Solutions with associated visualizations so that real-time identification of issues can be performed.
  • In addition to the above specific responsibilities, as Cloud Security Engineer in Information Security division of Zeta, you will be responsible for:  
  • Hiring decisions, hiring process definition, and continuous improvements. Broad knowledge of security domain with an understanding of cloud & kubernetes vulnerabilities, secure configurations and mitigation mechanisms
  • Perform review and validation of all deliverables for Cloud Security
  • Educate DevOps, Devs and Security Team

What are you accountable for?

  • Continuous improvement of Cloud Security postureI
  • Integrating various tools into CI/ CD and automate repetitive tasks 
  • Make sure the environment is compliant to CIS, NIST, PCI etc. 
  • Ensure that Security Standards are being adopted by the Product Team covering both Cloud, On-Prem, SaaS, PaaS and IaaS.

What are you expected to be good at?

To be successful in this role, the following are the areas of expertise classified by their importance: 

  • Critical: Solid understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS, Azure etc.
  • Experience of CI/CD Pipeline implementation and at least one tool (Jenkins, ArgoCD, Bitbucket Pipelines etc)Experience in at least one scripting language (Bash, Python, Java etc)Experience containerization and Kubernetes
  • Experience of automating and templating security processes and documentation for compliance purposes.
  • Hands on experience of vulnerability assessments, Penetration Testing, Web Application Security, data privacy, identify access management etc.
  • Experience of at least 2 active and passive security tooling (OWASP ZAP, Veracode, Checkmarx, Fiddler etc)Experience on Infrastructure as Code solution (Terraform, Ansible, Chef etc)Advantage: experience with security tools like Prisma, Aqua, Clair, Hashicorp Vault, etc. 

High:

  • Conduct Architecture and Design review to provide guidance and security assurance around best practices and frameworks.
  • Work closely with the DevOps teams and share security insight
  • Knowledge of development practices using Java and Nodejs, Docker, Kubernetes and other container orchestration services
  • Experience with Secure Code Quality Tools, Testing and Techniques - ZAP, Wireshark, Sonarqube, Metasploit etc.
  • Understanding of security frameworks, controls and processes - CIS, NIST, PCI/DSS. SOCI/II, etcMedium experience in one or more languages - NodeJS, GoLang, Python, Perl, Ruby, Bash, Javascript, Java etc.
  • Ability to document risks, security controls and evidence to ensure compliance
Set alert for similar jobsCloud Security Engineer II role in Bengaluru, India
Zeta Logo

Company

Zeta

Job Posted

a year ago

Job Type

Full-time

WorkMode

On-site

Experience Level

3-7 Years

Category

Technology

Locations

Bengaluru, Karnataka, India

Qualification

Bachelor

Applicants

Be an early applicant

Related Jobs

Meesho Logo

Security Engineer II

Meesho

Bengaluru, Karnataka, India

Posted: 10 months ago

As our Security Engineer II, you will ensure Meesho’s products and services are safe and secure in production environments. You will drive the integration of security within our DevOps processes, conduct manual code reviews, and identify and mitigate security threats. Your commitment will ensure robust protection and secure project delivery.

CRED Logo

Cloud Security

CRED

Bengaluru, Karnataka, India

Posted: a year ago

Work on a diverse domain of information security, including infrastructure and data security. Responsibilities include identifying security issues, implementing security for cloud-based systems in AWS, automating infrastructure security, conducting security reviews, and establishing a state of the art security culture. Help teams achieve compliance with industry best practices.

KPMG Logo

Cloud Security Engineer

KPMG

Mumbai, Maharashtra, India

Posted: 5 months ago

As a Cloud Security Engineer at KPMG in Mumbai, Maharashtra, you will be responsible for designing, implementing, and maintaining cloud security for clients. You will contribute to innovation activities, design security architecture, develop security policies, perform assessments, and assist with incident response. This full-time on-site role requires 3-7 years of experience and a Bachelor or Master's degree.

TIAA Logo

Cloud Security Engineer

TIAA

Pune, Maharashtra, India

Posted: 8 months ago

We are seeking a Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing and implementing cutting-edge cloud platforms, ensuring the security of our cloud infrastructure, and collaborating with various stakeholders on the enterprise's strategic vision for leveraging cloud technologies. You will also be involved in threat analysis consultation, implementing cloud security standards, and driving compliance across our SaaS applications. This is a full-time, on-site opportunity located in Pune, Maharashtra, India.

Zeta Logo

DevOps Engineer II

Zeta

Bengaluru, Karnataka, India

Posted: a year ago

As a DevOps Engineer II at Zeta, you will deploy and manage containers orchestration, service mesh, and API gateways. Collaborate with developers, ensure platform availability, and work on infrastructure as code. Ideal candidate has 3+ years of experience with cloud solutions such as AWS, GCP, Azure, and knowledge of CI/CD practices, Kubernetes, and observability toolchains.

Baker Hughes Logo

Senior Lead Cloud Security Engineer

Baker Hughes

Bengaluru, Karnataka, India

Posted: 10 months ago

Designs, programs, documents, tests, and fixes bugs involved in creating and maintaining applications and frameworks involved in a software release lifecycle resulting in a digital product. Deep technical expertise within a field. Has comprehensive knowledge of underlying principles, approaches and methodology.   Responsibilities, authorities and accountabilities Developing, implementing, and managing Azure Policies to enforce governance and compliance standards across the organization's Azure environments Providing technical guidance and support to application teams to ensure policy compliance during application deployments Monitoring and auditing Azure Policy compliance, investigating policy violations, and providing remediation guidance to ensure continuous adherence to security standards Leading small development team and managing end to end execution of software development in the Azure space Gathering user requirements and understanding use cases, design documents, and driving implementation in accordance with project and platform goals   Required Qualifications Have a Bachelor's degree from an accredited university or college with overall 10 years of experience. Have 4-6 years of experience in Cyber Security Engineering. Be an expert with Microsoft Azure, including proficiency in Azure Policy, Azure Resource Manager, and Azure Governance Be an expert with scripting and automation languages (e.g., Python, PowerShell, Azure CLI, JSON) to author and manage Azure Policies  Have strong skills in identifying the pain areas of cloud security and automating cloud security workloads to improve Azure Governance Have a thorough understanding of CICD and DevSecOps to implement and manage Azure Policies and automations Have a thorough understanding of Power Platform, ARM templates and bicep. Have Experience with GRC frameworks (i.e., ISO27001, NIST etc.)   Desired Characteristics Strong oral and written communication skills. Strong interpersonal and leadership skills. Demonstated ability to analyze and resolve problems. Demonstrated ability to lead programs / projects. Ability to document, plan, market, and execute programs. Established project management skills.