TC-CS-Cyber Architecture
EY
Job Description
Responsibilities:
- Responsible for designing and implementing security solutions for applications and services deployed on AWS or GCP cloud platforms.
- Design secure SDLC processes and embed security into CI/CD pipelines.
- Develop and enforce policies as code for secure cloud-native deployments.
- Drive security automation and DevSecOps maturity across teams.
- Participate in guiding application teams through key security functional requirements and edge cases.
- Drive security initiatives and adoption of secure solutions within the team by addressing key challenges, aiding senior leadership with strategic direction.
- Ensure alignment with industry standards and regulatory requirements.
- Strong understanding of implementation techniques and tools for application security (e.g., SAST, DAST, IaC scanning, secret detection, drift detection, etc.) tailored for cloud environments (preferably AWS/GCP).
- Provide guidance as an SME in cloud security, with a focus on governance, audits, and compliance efforts.
- Perform routine development activities in a sprint-based model to enforce detective, preventative and corrective cloud security controls.
Preferred Requirements:
- Deep expertise in core domains of Cloud computing: Compute, Storage, Networking, Data and Security.
- Advanced proficiency in Python/Go for cloud-native development and automation use cases.
- Strong leadership and collaboration skills across cross-functional teams.
- Deep knowledge and hands-on skills in the secure development lifecycle and cloud-native scalable design patterns (e.g., microservices, containers, CI/CD pipelines with cloud-native technologies like AWS CodePipeline, Jenkins, GitHub Actions, etc.).
- Familiarity with IaC hardening techniques.
- Strong policy-as-code development skills.
- Strong hands-on experience with Infrastructure as Code technologies like Terraform (Preferred), AWS CloudFormation templates.
- Deep understanding of cloud-native security, container security, and serverless protection.
- Familiarity with or awareness of policy as code in cloud environments.
- Hands-on experience with CSPM tools (Prisma/Wiz/AWS Security Hub etc).
Required:
- Minimum 4+ years of experience in cloud technology, specifically in security engineering or security architecture roles.
- 3+ years of extensive hands-on experience with AWS Cloud/GCP Cloud.
- 2+ years of Python/Go development for automation and other use-cases on AWS Cloud/GCP Cloud.
- 3+ years of Terraform (preferred)/AWS CloudFormation experience in infrastructure provisioning. Certifications preferred.
- 3+ years of experience in GitHub Actions, Bash scripts, YAML, etc.
- Deep expertise in writing production-quality modular code or 3+ years of experience in policy-as-code technologies like: HashiCorp Sentinel policies, OPA (Rego policy), OPA Gatekeeper policies for Kubernetes, AWS SCPs, Google Organization Policies.
- Strong Git or version control experience.
- 2+ years of experience working with Docker products, Kubernetes clusters (cloud-native preferably EKS/GKE) and overall containerization lifecycle.
- Any of the following certifications is a plus: AWS Certified Solutions Architect Associate, Google Cloud Professional Security Engineer, AWS Certified Security Specialty.
- Familiarity with security frameworks for threat modelling (STRIDE) and the OWASP Top 10, and with implementing them at scale.