Cloud Security Engineer II

Job Locations IN-Pune
Posted Date 1 week ago(6/20/2022 7:08 AM)
Job ID
2022-2808
Organization
Cloud Ops / Security / IT

­

The Opportunity:

TraceLink is looking for an experienced cloud security engineer who can contribute & deliver on various initiatives for cloud security in support of our SaaS services. This hands-on role will partner with others members in the Security, Cloud Operations and SRE. Must have strong analytical mind, good understanding of cyber security methodologies and outstanding problem-solving skills. The candidate should be comfortable working with a variety of technologies, security problems, and troubleshooting of cloud-based infrastructure and services.

­

Major Duties / Responsibilities:

  • Provide support for the TraceLink’s cloud security initiatives, vision & roadmap
  • Assist in the design, implementation & maintenance of open-source security solutions in cloud infrastructure
  • Contribute in the adoption of modern cloud-native security solutions; finetuning IAM policies and ensure security practices aligned with Best practises
  • Regularly Monitor, Analyse security events and support investigation of high/critical security alerts
  • Collaborate with senior members in Architecture, Engineering, and Cloud Operations to implement and adopt the modern security focused technologies and services
  • Contribute to the development and enhancement of security policies, standards, procedures, guidelines, and controls
  • Support incident response activities; partner with other teams as needed to resolve
  • Perform periodic checks/audits to ensure state of security controls are in line with TraceLink security policies, compliance requirements
  • Support enhancement of logging, monitoring & threat detection capabilities for existing tooling and contribute in the Proof-of-Concept activities
  • Work on infrastructure and container vulnerability management, periodic access reviews for Tracelink applications/users
  • Contribute for developing security focused metrics and reports demonstrating current risk state & organizational alignment with least privilege principle, secure configuration & consistent logging
  • Perform and assist in the security tasks for ISO 27001, SOC 2 audit and relevant evidence gathering
  • Support existing & develop new automation scripts/tools for redundant and/or manual tasks

­

Skills and Requirements:

Minimum 3+ year’s Hands-on experience in the similar security role, including following:

  • Working experience in cloud platforms and cloud-native environments (AWS Preferred)
  • Working experience on cloud native or 3rd party security solutions/services such as but not limited CloudTrail, GuardDuty, Config, SecurityHub, CloudCustodian, Clair etc.
  • Working experience on Logging & Monitoring solutions and/or SIEM, Vulnerability Management Solutions
  • Knowledge of CSPM solutions to secure public cloud platforms aligned with industry best practises
  • Knowledge of Python and prior experience of automating the redundant/manual work
  • Experience in monitoring and analysis of security relevant logs and ability to write custom queries to search important events from Elasticsearch or any equivalent log data store.
  • Understanding and experience(preferred) on working with AWS IAM related concepts and services such as IAM roles, policies, Service Control Policies (SCPs), AWS Organizations, Control Tower
  • Experience of working with Linux/Unix environment and should be comfortable with running Linux commands.
  • Experience on using ticketing or defect tracking systems such as Jira, Service-Now etc.

 

Preferred Skills

  • Strong Automation & Scripting experience with Python & Boto3
  • Experience working with CNCF open source tools
  • Experience with Kubernetes, Container security tooling, Infrastructure-as-Code tools
  • Experience working in DevSecOps environment, operating & securing CI/CD pipeline, Git etc.
  • Certifications such as Security+, AWS Certifications, SANS or any vendor-specific security certifications
  • Bachelor's degree in Computer Science, Information Systems Security, or equivalent experience
  • Familiarity with ISO 27001, ISO 27017, SOC 2, NIST, and GxP requirements
  • Excellent verbal and written communication skills, including executive-level presentations

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed