Job description
What you’ll be doing:
Codify and automate traditional security processes to take humans out of the equation making security services and controls consumable as a service.
Partner across multiple product engineering teams to enable and drive the adoption of strong cloud security engineering practices and controls.
Build secure cloud architecture using private as well as public cloud service providers (CSPs), such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Oracle Cloud Infrastructure (OCI) etc.
Build security solutions using cloud-native security tools in AWS, GCP, Azure, OCI and other CSPs.
Champion infrastructure as code practice using automation using CloudFormation, Terraform, etc.
Address application reliability, scalability and usability challenges and handle multi-data centre deployments
Evaluate new security controls/service offerings from CSP vendors and build custom security solutions to match our specific requirements
Perform continuous security auditing using CIS benchmark to assess the security posture of services and CSP accounts
Integrate application monitoring tools (Datadog, Prometheus) and build visual dashboards and alerting (Grafana, PagerDuty)
What we need to see from you:
Bachelor’s degree in Computer Science Engineering or a related field with 3+ years of experience in designing and implementing software solutions, with a preference for product development.
Proficiency in architecting and deploying security services on any public cloud platform or hybrid private-public cloud architecture.
Experience with cloud security tools and services such as Security Groups, AWS Inspector, GuardDuty, CloudTrail, CloudWatch, AWS Security Hub, Web Application Firewall (WAF), Multi-Factor Authentication (MFA), etc.
In-depth knowledge of AWS core services (VPC, EC2, S3, IAM, RDS) and serverless architecture services (API Gateway, Lambda, DynamoDB).
Experience with authentication and authorization concepts and frameworks (SSO, SAML Federated Identity, RBAC, IAM policies).
Expertise in securing containerized Kubernetes environments using platforms like AWS EKS, Azure AKS, Google GKE, or Oracle OKE.
Strong programming skills in Java/Springboot and Python, along with experience in relevant frameworks such as Spring Framework.
Strong experience in building scalable and reliable REST APIs using Spring Boot or similar frameworks
Proficiency in web development technologies such as jQuery, JSON, Bootstrap, Angular, HTML5, React, JavaScript, TypeScript etc.
Experience with building and maintaining distributed and scalable solutions deployed in multiple cloud data centres, regions and availability zones.