EY TC-CS-Cyber Architecture-OT Engineering-Cloud Security Engineer-Senior 

India, Karnataka, Bengaluru 

997213949

Exp –3-6 years

• Cloud Security Engineer (Multi-Cloud)
• Implement cloud security strategy, standards, procedures, best practices for AWS and Azure.
• Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.
• Collaborate with operations and engineering teams to implement and tune cloud-native security monitoring, tooling and reporting
• Define cloud security policies, standards, and best practices in a multi-cloud environment .
• Promote awareness of corporate cybersecurity policy, standards and guidelines
• Design cloud-based network traffic flows to drive anomaly detection capability
• Mentor engineering and operations staff on unique cloud-based security controls
• Develop tools to improve cloud specific anomaly detection requirements
• Foster a culture of security by partnering with solutions architects & other business teams to balance key performance and security
• Perform regular reviews of cloud infrastructure for security, and cloud best practices.
• Develop threat models to identify risks and prioritize improvements to our architecture.
• Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
• Educate peers on applying the latest cloud native technologies when developing new services, systems and applications.
• Contribute to a secure/compliant cloud-native service catalog, repositories
• Maintain Compliance across our Production, Development and Corporate systems hosted in the public clouds
• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
• Document SaaS application configuration settings, integrations, service accounts and take ownership of recertification needs.
• Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements.
• Evaluate new applications to ensure implementation can meet security baselines.
• Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.
• Determine risks and remediation options with implemented SaaS applications.
• Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.
• Examine all relevant application logs to determine trends and identify incidents or areas for concern.
• Validate and maintain incident response plans and processes to address potential threats.
• Compile and analyze data for management reporting and metrics.
• Ensure that all SaaS applications follow a standardize lifecycle management process and perform routine audits as necessary.
• Perform account lifecycle management auditing tasks and create documentation detailing account lifecycle needs.
• Perform continuous monitoring of company applications identifying areas of shadow IT and initiating remediation efforts.

Preferred qualifications & experience:

• Compliance Automation
• Strong experience in vulnerability management & risk assessment
• Strong experience in implementing CIS, NIST & other benchmarks
• Encryption theory & key management (PKI)
• Multi-Cloud security experience working in the Financial industry
• Proficient in analyzing architecture patterns, diagrams, Network & application architecture
• Ability to identify threat surfaces & identify pro-active & reactive security controls to minimize the overall residual risk.
• Cloud certifications in AWS & GCP is preferred.
• 3+ years experience managing or auditing SaaS applications. Security+, CISSP, or related certification preferred.
• Demonstrated experience with process automation and improvement.
• Proficiency with at least one scripting language (e.g., Perl, Python and PowerShell).
• Should have 3-6 years of experience in any of two CSPs – AWS , Azure , GCP – Cloud security
• Worked on Threat modelling of Cloud based SaaS based applications , AWS services .
• Strong understanding on Cloud architecture , data flows , encryption & security principles
• Implement cloud security strategy, standards, procedures, best practices, and DevSecOps.
• Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.
• Define cloud security policies, standards, and best practices in a multi-cloud environment.
• Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.