Cloud Security Specialist

Position Summary:

Redaptive is seeking a highly skilled Cloud Security Specialist to join our team in Pune. This critical position offers an exceptional opportunity to shape and lead Redaptive's cloud security strategy while working with cutting-edge technologies in a dynamic, mission-driven organization. The ideal candidate will combine technical expertise with a collaborative approach to embed security throughout our cloud infrastructure and development processes.

Responsibilities and Duties:

AWS Security Architecture & Strategy:

• Design and implement comprehensive security architectures for Redaptive's AWS cloud environments
• Develop cloud security roadmaps aligned with business objectives and compliance requirements
• Establish security standards, policies, and procedures for AWS deployments
• Evaluate and recommend security enhancements to strengthen the cloud security posture
• Lead security aspects of cloud migration initiatives and new AWS service adoptions
• Implement zero-trust security principles in cloud architecture designs
• Provide expert guidance on AWS security best practices to stakeholders across the organization
• Establish metrics to measure the effectiveness of cloud security controls

Security Automation & CI/CD Integration:

• Develop and maintain security as code implementations for AWS environments
• Integrate security controls and checks into CI/CD pipelines
• Automate security scanning, compliance verification, and remediation processes
• Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform
• Create automated security testing frameworks for cloud resources
• Develop custom security rules and policies for automated enforcement
• Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle
• Design and implement automated incident response playbooks for cloud security events

Cloud Security Monitoring & Operations:

• Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail
• Implement and tune cloud-native SIEM solutions for comprehensive security visibility
• Develop and maintain cloud security dashboards and reporting mechanisms
• Perform advanced cloud security investigations and threat hunting
• Respond to and remediate cloud security incidents
• Conduct cloud security posture assessments and vulnerability management
• Implement and manage cloud security logging and audit mechanisms
• Develop and maintain cloud security incident response procedures

Identity & Access Management:

• Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles
• Develop automated solutions for identity lifecycle management in cloud environments
• Implement and manage privileged access management for AWS resources
• Configure and maintain AWS Single Sign-On and federation with corporate identity providers
• Design and implement secure service-to-service authentication mechanisms
• Conduct regular access reviews and implement automated compliance checks
• Develop and maintain IAM security frameworks and governance processes
• Implement automated detection and remediation of IAM policy violations

Compliance & Risk Management:

• Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST)
• Develop and implement cloud security compliance frameworks and controls
• Perform cloud security risk assessments and develop risk treatment plans
• Lead cloud-focused security aspects of compliance audits and assessments
• Implement technical controls to meet compliance requirements
• Develop and maintain cloud security documentation for compliance purposes
• Design and implement data protection controls for regulated information in the cloud
• Partner with legal and compliance teams on regulatory and contractual security requirements

DevSecOps Collaboration:

• Work closely with DevOps teams to implement security throughout the cloud deployment lifecycle
• Provide guidance on secure cloud architecture and configuration
• Develop security requirements and acceptance criteria for cloud deployments
• Review infrastructure as code for security considerations
• Participate in sprint planning and retrospectives to integrate security into agile processes
• Conduct security knowledge transfer sessions for development and operations teams
• Collaborate on resolving security findings and implementing remediation
• Champion a DevSecOps culture across the organization

Required Abilities and Skills:

• Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail
• Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM)
• Hands-on experience implementing security controls in CI/CD pipelines
• Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform
• Experience with cloud security posture management (CSPM) tools and processes
• Strong understanding of identity and access management principles in cloud environments
• Experience with automated security testing and continuous security validation
• Proficiency in scripting and programming (Python, Bash, etc.) for security automation
• Excellent understanding of network security, containerization security, and serverless security
• In-depth knowledge of DevSecOps principles and practices
• Excellent written and verbal communication skills

Preferred Abilities and Skills:

• Experience with multi-cloud security strategies and implementations
• Knowledge of regulatory compliance requirements relevant to cloud environments
• Experience with container security (Docker, Kubernetes, ECS, EKS)
• Background in implementing Zero Trust architecture in AWS environments
• Experience with AWS automated incident response and remediation
• Knowledge of cloud-native security tools and platforms
• Experience with Hashicorp Vault or similar secrets management solutions
• Background in implementing security for data lakes and analytics platforms
• Experience with cloud workload protection platforms (CWPP)
• Knowledge of serverless security best practices
• Experience with cloud security in the energy efficiency or sustainability industries
• Background in threat modeling for cloud architectures
• Experience working with global teams and offshore development models

Education requirements:

• Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred
• Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security
• Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)

Travel:

0% of travel time expected for the position, where the travel occurs, such as locally or in specific countries or states, and whether the travel is overnight.

The Perks

• Equity plan participation
• Medical and Personal Accident Insurance
• Support on Hybrid working – Equipment & Relocation
• Flexible Time Off
• Continuous Learning
• Annual bonus, subject to company and individual performance

The company is an Equal Opportunity Employer, drug free workplace, and complies with Labor Laws as applicable. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. The requirements listed in this document are the minimum levels of knowledge, skills, or abilities.

Redaptive is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

---