<p><p class=""><b>Job Title :</b> Cloud Security Specialist<br/><br/><b>Experience :</b> 3 - 7 Years<br/><br/><b>Location : </b>Pune / Hyderabad<br/><br/><b>Employment Type : </b>Full-Time<br/><br/><b>Notice Period :</b> 30 Days (Maximum)<br/><br/><b>Role Summary :</b></p><p class=""><p><b><br/></b></p>We are seeking a proactive and skilled Cloud Security Specialist to join our dynamic security team.
The successful candidate will be instrumental in designing, implementing, and managing robust security controls across our multi-cloud environments (AWS, Azure, GCP).
This role demands a strong blend of technical expertise, operational knowledge, and a strategic mindset to secure our cloud infrastructure and applications against evolving threats.<br/><br/><b>Key Responsibilities :</b><br/><br/><b>Cloud Security Architecture & Implementation :</b></p><p class=""><p><b><br/></b></p>- Design and Implement Security Controls : Design, configure, and maintain security services and controls within cloud platforms (e.g., Security Groups, Network ACLs, Azure Firewall, AWS WAF, VPC/VNet security, etc.).<br/><br/></p><p class="">- Identity and Access Management (IAM) : Manage and enforce IAM policies, roles, and permissions across cloud platforms to ensure the principle of Least Privilege.
Implement Multi-Factor Authentication (MFA) and Single Sign-On (SSO) solutions.</p><p class=""><br/>- Data Protection : Implement encryption mechanisms (at rest and in transit) and data loss prevention (DLP) strategies for cloud storage and databases.</p><p class=""><br/>- DevSecOps Integration : Collaborate with DevOps teams to integrate security into the CI/CD pipeline, promoting a "security-as-code" and DevSecOps culture using tools like Terraform, CloudFormation, or Ansible.<br/><br/><b>Monitoring, Operations & Incident Response :</b></p><p class=""><p><b><br/></b></p>- Threat Detection & Monitoring : Configure and utilize Security Information and Event Management (SIEM) tools and Cloud Security Posture Management (CSPM) solutions to continuously monitor cloud environments for threats, vulnerabilities, and misconfigurations.</p><p class=""><br/>- Vulnerability Management : Conduct regular vulnerability assessments, security testing, and penetration testing on cloud assets and applications, and drive remediation efforts.<br/><br/></p><p class="">- Incident Response : Serve as a key responder during security incidents, performing triage, containment, root cause analysis, and post-incident remediation in the cloud environment.<br/><br/><b>Governance, Risk & Compliance (GRC) :</b></p><p class=""><p><b><br/></b></p>- Compliance : Ensure cloud deployments and operations adhere to internal security policies and external regulatory standards (e.g., GDPR, HIPAA, SOC 2, ISO 27001, PCI-DSS).<br/><br/></p><p class="">- Policy Enforcement : Develop, document, and enforce cloud security standards, policies, and procedures.<br/><br/></p><p class="">- Risk Assessment : Conduct security risk assessments and threat modeling for new and existing cloud services and architectures.<br/><br/><b>Required Skills and Qualifications :</b></p><p class=""><p><b><br/></b></p>- Experience : 3 to 7 years of relevant experience in Information Security, with a minimum of 2-3 years directly focused on Cloud Security in a production environment.</p><p class=""><br/>- Cloud Platforms : Hands-on experience with at least one major Public Cloud Provider (AWS, Microsoft Azure, or GCP).
Multi-cloud experience is a significant advantage.<br/><br/><b>Core Cloud Security Skills :</b></p><p class=""><p><b><br/></b></p>- Strong knowledge of Cloud Networking and security services.<br/><br/></p><p class="">- Expertise in Identity and Access Management (IAM/RBAC) concepts and implementation.<br/><br/></p><p class="">- Familiarity with Infrastructure as Code (IaC) tools (Terraform, CloudFormation, etc.).<br/><br/></p><p class="">- Experience with security monitoring and logging tools (e.g., CloudTrail, Azure Monitor, Splunk).<br/><br/></p><p class="">- Technical Foundations : Strong understanding of security principles, including application security, network security, operating systems (Linux/Windows), and secure development lifecycles.<br/><br/></p><p class="">- Proficiency in at least one scripting language (e.g., Python, Bash, PowerShell) for automation of security tasks.<br/><br/></p><p class="">- Education : Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.<br/><br/><b>Preferred Qualifications :</b><br/><br/><b>Certifications (Highly Desirable) :</b></p><p class=""><p><b><br/></b></p>- Certified Cloud Security Professional (CCSP)<br/><br/></p><p class="">- Certified Information Systems Security Professional (CISSP)<br/><br/></p><p class="">- Vendor-specific certifications (e.g., AWS Certified Security - Specialty, Azure Security Engineer Associate - AZ 500, Google Professional Cloud Security Engineer).<br/><br/></p><p class="">- Experience with Container Security technologies (Docker, Kubernetes) and related security tools.<br/><br/></p><p class="">- Prior experience in a consulting environment or managing security for a large-scale enterprise cloud migration.<br/><br/><b>Behavioral Competencies :</b></p><p class=""><p><b><br/></b></p>- Excellent analytical and problem-solving skills with a keen attention to detail.<br/><br/></p><p class="">- Strong verbal and written communication skills, capable of explaining complex security issues to technical and non-technical stakeholders.<br/><br/></p><p class="">- Self-motivated, proactive, and able to work effectively both independently and as part of a collaborative team.<br/><br/></p><p class="">- Commitment to continuous learning and staying updated with the latest cloud security trends and technologies.</p><br/></p> (ref:hirist.tech)