EY TC-CS-Cyber Architecture-OT Engineering-Cloud Security-Senior 

India, Karnataka, Bengaluru 

856112200

Responsibilities:

• Implement Twistlock (Prisma Cloud) to secure cloud-native applications across containers, serverless environments, and VMs.
• Integrate security scans into CI/CD pipelines to enable DevSecOps best practices.
• Manage vulnerability detection, compliance checks, and runtime protection for Kubernetes and cloud workloads.
• Collaborate with DevOps and cloud teams to shift security left, embedding security early in the development lifecycle.
• Develop and enforce policies for secure application deployment in cloud-native environments.
• Design and maintain automated security workflows using Twistlock across multi-cloud environments (AWS, Azure, GCP).
• Perform risk assessments on containerized applications and serverless functions in a cloud-native DevOps ecosystem.
• Enable real-time threat detection and incident response for containerized workloads and cloud services.
• Define and implement best practices for vulnerability management, image scanning, and compliance reporting.
• Collaborate with developers to create secure-by-design container images and Infrastructure as Code (IaC) templates.
• Lead initiatives to embed security controls into Kubernetes clusters, microservices, and CI/CD pipelines.
• Monitor and optimize Twistlock policies to adapt to evolving cloud-native application architectures.
• Drive security automation initiatives to minimize manual intervention and increase DevSecOps maturity.
• Identify and address vulnerabilities in cloud configurations, ensuring compliance with industry standards and monitoring cloud infrastructure for security gaps.
• Automate deployments and integrate security tools using Python and Terraform.

Preferred Requirements:

• Expertise in Twistlock (Prisma Cloud) for container and cloud-native application security.
• Hands-on experience with Terraform for automating infrastructure provisioning and security.
• Familiarity with CSPM tools like Wiz and CSPM for monitoring and improving cloud security posture.
• Proficiency in scripting and automation using Python to streamline processes.
• Strong understanding of cloud environments (AWS, Azure, GCP) and their native security services.
• Knowledge of DevSecOps principles, including integrating security into CI/CD pipelines and adopting Infrastructure as Code (IaC) practices.
• Ability to adapt security workflows to evolving multi-cloud and containerized application architectures.

Required:

• Minimum of 5 years of IT experience
• At least 3+ years of specialization in CSPM tools
• At least 2+ years of application development in python.
• At least 2+ Experience with programming languages such as Terraform.
• Minimum 2-3 years of experience in implementing and managing Twistlock (Prisma Cloud) for container and cloud-native application security.
• 3-5 years of experience in managing and securing multi-cloud environments (AWS, Azure, GCP) with native security tools.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.