Cloud Security Automation Engineer (Multi-Cloud)
- Implement cloud security automation using IAC (Terraform hands on experience is must).
- Strong hands-on experience of Python and scripting language is a must.
- Implement CSPM tools such as wiz.io across multiple cloud platforms is must.
- Define cloud security policies, standards, and best practices in a multi-cloud environment.
- Promote awareness of corporate cybersecurity policy, standards and guidelines
- Perform regular reviews of cloud infrastructure for security, and cloud best practices.
- Develop threat models to identify risks and prioritize improvements to our architecture.
- Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
- Educate peers on applying the latest cloud native technologies when developing new services, systems and applications.
- Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
- Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements.
- Evaluate new applications to ensure implementation can meet security baselines.
- Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.
- Determine risks and remediation options with implemented SaaS applications.
- Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.
- Examine all relevant application logs to determine trends and identify incidents or areas for concern.
Preferred qualifications & experience:
- Security Automation using Terraform and other cloud native services .
- Strong experience in vulnerability management & risk assessment .
- Strong experience in implementing CIS, NIST & other benchmarks
- Encryption theory & key management (PKI)
- Multi-Cloud security experience working in the Financial industry
- Proficient in analyzing architecture patterns, diagrams, Network & application architecture
- Ability to identify threat surfaces & identify pro-active & reactive security controls to minimize the overall residual risk.
- Cloud certifications in AWS & GCP is preferred.
- Demonstrated experience with process automation and improvement.
- Proficiency with at least one scripting language (e.g., Perl, Python and PowerShell).
- Should have 3-7 years of experience in any of two CSPs – AWS, Azure, GCP – Cloud security
- Hands on experience on Python, Terraform , IAC scanning .
- Implement CSPM tools such as wiz.io across multiple cloud platforms.
- Worked on Threat modelling of Cloud based SaaS based applications , AWS ,Azure and GCP services
- Implement cloud security strategy, standards, procedures, best practices, and DevSecOps.
- Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.
- Define cloud security policies, standards, and best practices in a multi-cloud environment.
- Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.