Cloud/Information Security Engineer

Key Responsibilities : - Define, implement, and maintain security standards and configurations for AWS, Azure, and GCP platforms, leveraging frameworks such as CIS Benchmarking and NIST. - Configure, manage, and effectively utilize cloud security scanning tools, including WIZ.IO, Sysdig, Tenable Nessus SC, Bigfix, Qualys, and NEXPOSE, to identify security vulnerabilities and compliance deviations within cloud environments. - Analyze scan results, interpret findings, and accurately identify instances of non-compliance with defined security policies and frameworks. - Plan, prioritize, and execute remediation steps for identified security vulnerabilities and compliance gaps across cloud platforms. - Collaborate closely with cloud engineering, DevOps, and other IT teams to ensure the timely and effective implementation of security controls and remediation actions. - Monitor the ongoing security posture of the cloud infrastructure and report on compliance status and risks. - Develop and maintain clear documentation for cloud security configurations, scanning procedures, and remediation processes. - Stay updated on the latest cloud security threats, vulnerabilities, security best practices, and evolving compliance requirements across AWS, Azure, and GCP. - Assist in the development and enforcement of cloud security Skills and Qualifications : - Minimum of 5 to 7 years of experience in Information Security or Cloud Security. - Mandatory : Experience in defining and implementing security configurations and standards for AWS, Azure, and GCP based on CIS Benchmarking and/or NIST framework. - Mandatory : Hands-on experience with configuring and utilizing cloud security scanning and vulnerability management tools, specifically including WIZ.IO, Sysdig, Tenable Nessus SC, Bigfix, Qualys, and NEXPOSE. - Mandatory : Proven experience in the remediation of non-compliance and security vulnerabilities identified through cloud security scanning. - Strong understanding of security concepts applicable to public cloud platforms (AWS, Azure, GCP). - Knowledge of security frameworks such as CIS Benchmarks and NIST. - Excellent analytical and problem-solving skills for identifying and resolving security issues. - Strong written and verbal communication Skills (Plus Points) : - Relevant cloud security certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer). - Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation). - Experience with scripting for automation of security tasks. - Familiarity with other security tools and technologies (e.g., SIEM, WAF) (ref:hirist.tech)

Location: mumbai, IN

Posted Date: 5/9/2025