Cloud Security Engineer

POSITION SUMMARY: The Cloud Security team is responsible for collaborating and partnering with various Cloud Platform teams and Business Units (BUs) and stakeholders across the organization to build security into the Cloud platforms and applications migrating to Cloud by building defense in depth, security controls protective detective and Response. Controls include and are not limited to security of infrastructure as code, CI-CD pipelines, application & micro-services security, data protection, Threat detection, mitigation, investigation and response and other services across the organization.   KEY RESPONSIBILITIES AND DUTIES: Job Responsibilities include but not limited to: Duties:  Liaise with an extensive range of business stakeholders and support them for migration of their applications and services to Cloud.  Keep abreast with industry trends / best practices to develop governance frameworks, guiding principles, security controls and detailed security design of solutions  Work on assignments and projects specific to Cloud security architecture and engineering Skills: Mandatory (Must have):  Experience with information security technologies and processes within cloud environments  Knowledge of 3rd Party tools used to secure Cloud Services  Understanding of enterprise IT security risk assessments and related frameworks (OWASP, PCI, NIST) and industry best practices  Ability to design and implement cloud security controls and create related documentation  Ability to identify network attacks and system security issues as they relate to threats and vulnerabilities, with focus on recommendations for enhancements or remediation  Excellent communication skills, including demonstrated proficiency in clearly communicating technical concepts to non-technical audiences in business terminology. Preferred skills (Nice to have):  Knowledge of designing and implementing container platforms including Kubernetes, Docker, etc.  General understanding of data services frameworks & stream processing  Understanding of Secure Software Development Life Cycle (SSDLC) security requirements  Demonstrated success in leading transformation programs, driving business value and long term success  Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies gorave 6301m erpaler t PUBLIC (P)  Understanding of national and international laws, regulations, policies and ethics related to financial industry cybersecurity  Knowledge of Agile methodology  Knowledge of Windows, Linux, Python, Terraform etc.  Experience with cloud security strategy, cloud provider ecosystems (Amazon AWS/ Microsoft Azure).  Hands-on experience in one of the following: AWS, Google and Azure platforms  Experience with cyber technologies such as Data Loss Prevention (DLP), Malware detection, User behavior analysis (UBA), and Endpoint Detection and Response (EDR) tools.  Experience with Networking technologies, Zero trust Models and technologies.  Hands on deployment and Infrastructure as code experience  Must be proactive and have the ability to work independently in a fast paced environment, as well as the ability to work collaboratively with cross-functional and remote teams.  Familiar with DevOps and Agile methodology  Able to learn quickly and independently and apply new tools and techniques.  Strong troubleshooting skills.   QUALIFICATIONS: Required    3 or more years IT Engineering or IT Security Engineering experience  Degree in Computer Science or similar  Experience in Financial, Insurance or Tech industry  Preferred    Certification CISSP or Certified Cloud security professional  Certifications such as AWS certified Security Professional, Google Certified Solution & security professional.