Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

EY TC-CS-Cyber Architecture- OT Engineering-Cloud 
India, Karnataka, Bengaluru 
425538741

29.08.2024

Cloud Security Automation Engineer (Multi-Cloud)

  • Implement cloud security automation using IAC (Terraform hands on experience is must).
  • Strong hands-on experience of Python and scripting language is a must.
  • Implement CSPM tools such as wiz.io across multiple cloud platforms is must.
  • Define cloud security policies, standards, and best practices in a multi-cloud environment.
  • Promote awareness of corporate cybersecurity policy, standards and guidelines
  • Perform regular reviews of cloud infrastructure for security, and cloud best practices.
  • Develop threat models to identify risks and prioritize improvements to our architecture.
  • Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
  • Educate peers on applying the latest cloud native technologies when developing new services, systems and applications.
  • Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
  • Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements.
  • Evaluate new applications to ensure implementation can meet security baselines.
  • Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.
  • Determine risks and remediation options with implemented SaaS applications.
  • Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.
  • Examine all relevant application logs to determine trends and identify incidents or areas for concern.

Preferred qualifications & experience:

  • Security Automation using Terraform and other cloud native services .
  • Strong experience in vulnerability management & risk assessment .
  • Strong experience in implementing CIS, NIST & other benchmarks
  • Encryption theory & key management (PKI)
  • Multi-Cloud security experience working in the Financial industry
  • Proficient in analyzing architecture patterns, diagrams, Network & application architecture
  • Ability to identify threat surfaces & identify pro-active & reactive security controls to minimize the overall residual risk.
  • Cloud certifications in AWS & GCP is preferred.
  • Demonstrated experience with process automation and improvement.
  • Proficiency with at least one scripting language (e.g., Perl, Python and PowerShell).
  • Should have 3-7 years of experience in any of two CSPs – AWS, Azure, GCP – Cloud security
  • Hands on experience on Python, Terraform , IAC scanning .
  • Implement CSPM tools such as wiz.io across multiple cloud platforms.
  • Worked on Threat modelling of Cloud based SaaS based applications , AWS ,Azure and GCP services
  • Implement cloud security strategy, standards, procedures, best practices, and DevSecOps.
  • Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.
  • Define cloud security policies, standards, and best practices in a multi-cloud environment.
  • Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.



EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.