Cloud Security Specialist

Job Description

Redaptive is seeking a highly skilled Cloud Security Specialist to join our team in Pune. This critical position offers an exceptional opportunity to shape and lead Redaptive's cloud security strategy while working with cutting-edge technologies in a dynamic, mission-driven organization. The ideal candidate will combine technical expertise with a collaborative approach to embed security throughout our cloud infrastructure and development processes.

Responsibilities and Duties:

AWS Security Architecture & Strategy

- Design and implement comprehensive security architectures for Redaptive's AWS cloud environments
- Develop cloud security roadmaps aligned with business objectives and compliance requirements
- Establish security standards, policies, and procedures for AWS deployments
- Evaluate and recommend security enhancements to strengthen the cloud security posture
- Lead security aspects of cloud migration initiatives and new AWS service adoptions
- Implement zero-trust security principles in cloud architecture designs
- Provide expert guidance on AWS security best practices to stakeholders across the organization
- Establish metrics to measure the effectiveness of cloud security control

Security Automation & CI/CD Integration

- Develop and maintain security as code implementations for AWS environments
- Integrate security controls and checks into CI/CD pipelines
- Automate security scanning, compliance verification, and remediation processes
- Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform
- Create automated security testing frameworks for cloud resources
- Develop custom security rules and policies for automated enforcement
- Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle
- Design and implement automated incident response playbooks for cloud security event

Cloud Security Monitoring & Operations

- Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail
- Implement and tune cloud-native SIEM solutions for comprehensive security visibility
- Develop and maintain cloud security dashboards and reporting mechanisms
- Perform advanced cloud security investigations and threat hunting
- Respond to and remediate cloud security incidents
- Conduct cloud security posture assessments and vulnerability management
- Implement and manage cloud security logging and audit mechanisms
- Develop and maintain cloud security incident response procedure

Identity & Access Management

- Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles
- Develop automated solutions for identity lifecycle management in cloud environments
- Implement and manage privileged access management for AWS resources
- Configure and maintain AWS Single Sign-On and federation with corporate identity providers
- Design and implement secure service-to-service authentication mechanisms
- Conduct regular access reviews and implement automated compliance checks
- Develop and maintain IAM security frameworks and governance processes
- Implement automated detection and remediation of IAM policy violations

Compliance & Risk Management

- Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST)
- Develop and implement cloud security compliance frameworks and controls
- Perform cloud security risk assessments and develop risk treatment plans
- Lead cloud-focused security aspects of compliance audits and assessments
- Implement technical controls to meet compliance requirements
- Develop and maintain cloud security documentation for compliance purposes
- Design and implement data protection controls for regulated information in the cloud
- Partner with legal and compliance teams on regulatory and contractual security requirement

DevSecOps Collaboration

- Work closely with DevOps teams to implement security throughout the cloud deployment lifecycle
- Provide guidance on secure cloud architecture and configuration
- Develop security requirements and acceptance criteria for cloud deployments
- Review infrastructure as code for security consideration
- Participate in sprint planning and retrospectives to integrate security into agile processes
- Conduct security knowledge transfer sessions for development and operations teams
- Collaborate on resolving security findings and implementing remediation
- Champion a DevSecOps culture across the organization

Required Abilities and Skills

- Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail
- Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM)
- Hands-on experience implementing security controls in CI/CD pipelines
- Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform
- Experience with cloud security posture management (CSPM) tools and processes
- Strong understanding of identity and access management principles in cloud environments
- Experience with automated security testing and continuous security validation
- Proficiency in scripting and programming (Python, Bash, etc.) for security automation
- Excellent understanding of network security, containerization security, and serverless security
- In-depth knowledge of DevSecOps principles and practices
- Excellent written and verbal communication skills

Preferred Abilities and Skills

- Experience with multi-cloud security strategies and implementation
- Knowledge of regulatory compliance requirements relevant to cloud environments
- Experience with container security (Docker, Kubernetes, ECS, EKS)
- Background in implementing Zero Trust architecture in AWS environments
- Experience with AWS automated incident response and remediation
- Knowledge of cloud-native security tools and platforms
- Experience with Hashicorp Vault or similar secrets management solutions
- Background in implementing security for data lakes and analytics platforms
- Experience with cloud workload protection platforms (CWPP)
- Knowledge of serverless security best practices
- Experience with cloud security in the energy efficiency or sustainability industries
- Background in threat modeling for cloud architectures
- Experience working with global teams and offshore development models

Education requirements

- Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred
- Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security
- Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)