Cloud Security Professional

LTTS India
- Mumbai
- Key Responsibilities
1. Cloud Architecture & Design
- Design and manage secure cloud architectures across AWS, Azure, GCP, or hybrid environments.

2. Security Controls Implementation
- Deploy and manage cloud security tools (e.g., CSPM, CWPP, IAM, encryption, firewalls).
- Define and enforce policies for identity and access management, data protection, and network security.
- Conduct regular security assessments and audits of cloud environments.

3. Incident Response & Threat Management
- Lead cloud-specific incident response efforts including detection, containment, eradication, and recovery.
- Develop and maintain playbooks for cloud security incidents.
- Perform forensic analysis and root cause investigations for cloud-based breaches or anomalies.

4. Compliance & Governance
- Ensure alignment with security frameworks (e.g., NIST, ISO 27001, CIS Benchmarks).
- Support regulatory compliance efforts in cloud environments.
- Maintain documentation and reporting for audits and risk assessments.

5. Miscellaneous
- Configure network security defences, including VPC Service Controls, firewall rules, and boundary protections
- Implement data protection strategies: encryption, key management, and Data Loss Prevention (DLP) over cloud
- Monitor environments for threats and lead incident response and forensic investigations
- Draft and deliver security best-practice guides, tutorials, and technical presentations
- ____________________
Required Skills and Expertise
- Cloud Platforms Expertise
- Deep hands-on experience with at least one major cloud provider: AWS, Azure, or Google Cloud Platform (GCP)
- Understanding of cloud-native services (e.g., EC2, S3, IAM, Azure AD, GCP IAM)
- Cloud Architecture & Design
- Ability to design secure, scalable, and resilient cloud architectures
- Knowledge of multi-cloud and hybrid cloud environments
- Security Controls Implementation
- Proficiency in configuring and managing:

- Identity and Access Management (IAM)
- Encryption (at rest and in transit)
- Firewalls and security groups
- Cloud Security Posture Management (CSPM)
- Cloud Workload Protection Platforms (CWPP)
- Incident Response & Threat Detection
- Experience with cloud-specific incident response and forensic investigation
- Familiarity with SIEM and SOAR platforms (e.g., Splunk, Sentinel, Chronicle)
- Threat modelling and vulnerability management in cloud environments

This role also demands proficiency in logging and monitoring tools, scripting for automation (Python, Bash), and a solid grasp of networking fundamentals (TCP/IP, routing, VPNs).
- ____________________

**Qualifications**:

- Bachelor's degree in computer science, Information Security, or equivalent practical experience
- 5+ years of experience architecting, developing, or maintaining secure cloud solutions, with at least 3 years focused on Cloud Platform security (GCP/ Azure/ AWS etc)
- Proven track record in customer-facing roles, managing cross-functional security projects from inception to completion
- Hands-on experience with cloud services: Cloud IAM, VPC, Cloud KMS, Security Command Center, Cloud Armor and beyond
- Excellent written and verbal communication skills, including the ability to engage with senior stakeholders and technical teams alike

Preferred Certifications
- AWS Certified Security - Specialty / Azure Security Engineer Associate / Google Professional Cloud Security Engineer
- Certified Cloud Security Professional (CCSP) or equivalent
- Offensive Security Certified Professional

**Job Requirement**
- Incident Response & Threat Detection,Security Controls Implementation,Cloud Architecture & Design, Cloud Platforms Expertise,