cloud security specialist

Key Responsibilities

• Serve as Cybersecurity Incident Coordinator & SOC Liaison, advancing incident management and assisting in remediation of security incidents.
  • Capture insights, conduct retrospectives, maintain metrics, and improve response processes.
  • Explain cybersecurity processes during audits and champion security awareness across teams and clients.
  • Advocate and promote cybersecurity services internally and externally; represent the company at conferences, trade shows, and events.
  • Manage and execute complex cybersecurity engagements including risk assessments, vulnerability testing, penetration testing, and threat analysis.
  • Support cybersecurity transformation programs and develop frameworks based on industry standards (ISO, NIST, etc.).
  • Implement and monitor data security and access control policies across cloud and on-prem environments.
  • Monitor networks, systems, and DLP solutions for threats, breaches, and data leakage.
  • Investigate and respond to incidents, perform root cause analysis, and remediate identified gaps.
  • Conduct audits to ensure compliance with standards and regulations (ISO 27001, SOC 2, HIPAA, PCI, GDPR, NIS2).
  • Contribute to BCP planning, tabletop exercises, and red/purple team initiatives.
  • Provide pre-sales consultation, proposals, and technical demos; support business development and go-to-market strategy.
  • Develop and nurture vendor and client relationships to align with security strategy.
  • Collaborate with cross-functional and global teams on large-scale security initiatives.
  • Provide security guidance throughout the SDLC, conduct secure design reviews, and integrate security into CI/CD pipelines.
  • Research emerging threats, security tools, and technologies; contribute to automation and process improvement.
  • Mentor junior analysts and act as an escalation point during incidents.
  • Prepare and present reports for stakeholders, management, and executives.

Skills & Expertise

• Strong knowledge of cybersecurity frameworks and standards (ISO 27001, NIST CSF, MITRE ATT&CK).
  • Hands-on experience with AWS security services (IAM, GuardDuty, Security Hub, etc.); familiarity with Azure and O365.
  • Proficient with security tools: SIEM, IDS/IPS, NGFW, EDR, HIDS/HIPS, AV, DLP, vulnerability scanners.
  • Skilled in application security testing tools (Burp Suite, OWASP Zap, Checkmarx, Fortify, Coverity, Semgrep, Blackduck, etc.).
  • Technical knowledge of protocols (TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS).
  • Knowledge of operating systems (Windows, Unix/Linux, MacOS).
  • Experience with scripting/programming languages (Python, Bash, PowerShell, .NET) and regular expressions.
  • Understanding of secure software development, microservices architecture, and DevSecOpspractices.
  • Strong written/verbal communication; ability to work with SMEs, executives, and cross-discipline stakeholders.
  • Proficiency with DLP, encryption concepts, endpoint management, and cloud security configurations.
  • Practical experience with digital forensics, incident response, malware analysis, and threat intelligence.

Experience & Qualifications

• 3+ years in cybersecurity, consulting, or Big4/equivalent environment.
  • Track record in leadership, mentoring, project and client management.
  • Experience with SOC 1/2/3 audits and IT risk management.
  • Proven success in professional services sales and pre-sales engagements.
  • 3+ years of experience in DevSecOps and automation of security processes in CI/CD pipelines.
  • 5+ years of application security experience (DAST, SAST, SCA, ASM).
  • Experience with infrastructure operations, IT service management, and enterprise security monitoring.
  • Relevant certifications preferred: CISSP, CEH, GCIH, GCFA, GCSA, GMON, Security+, CSSLP, or equivalent.
  • Bachelor's degree in Information Security, Computer Science, or equivalent.
  • Fluent in written and spoken English.

Job Type: Full-time

Pay: From ₹25,000.00 per month

Work Location: Remote