Cloud Security Specialist

Redaptive is seeking a highly skilled Cloud Security Specialist to join our team in Pune. This critical position offers an exceptional opportunity to shape and lead Redaptive's cloud security strategy while working with cutting-edge technologies in a dynamic, mission-driven organization. The ideal candidate will combine technical expertise with a collaborative approach to embed security throughout our cloud infrastructure and development processes.

Responsibilities and Duties:

AWS Security Architecture & Strategy

• Design and implement comprehensive security architectures for Redaptive's AWS cloud environments
• Develop cloud security roadmaps aligned with business objectives and compliance requirements
• Establish security standards, policies, and procedures for AWS deployments
• Evaluate and recommend security enhancements to strengthen the cloud security posture
• Lead security aspects of cloud migration initiatives and new AWS service adoptions
• Implement zero-trust security principles in cloud architecture designs
• Provide expert guidance on AWS security best practices to stakeholders across the organization
• Establish metrics to measure the effectiveness of cloud security control

Security Automation & CI/CD Integration

• Develop and maintain security as code implementations for AWS environments
• Integrate security controls and checks into CI/CD pipelines
• Automate security scanning, compliance verification, and remediation processes
• Implement infrastructure as code (IaC) security practices for AWS CloudFormation and Terraform
• Create automated security testing frameworks for cloud resources
• Develop custom security rules and policies for automated enforcement
• Collaborate with DevOps teams to ensure security requirements are met throughout the development lifecycle
• Design and implement automated incident response playbooks for cloud security event

Cloud Security Monitoring & Operations

• Configure and manage cloud security monitoring solutions including AWS Security Hub, GuardDuty, and CloudTrail
• Implement and tune cloud-native SIEM solutions for comprehensive security visibility
• Develop and maintain cloud security dashboards and reporting mechanisms
• Perform advanced cloud security investigations and threat hunting
• Respond to and remediate cloud security incidents
• Conduct cloud security posture assessments and vulnerability management
• Implement and manage cloud security logging and audit mechanisms
• Develop and maintain cloud security incident response procedure

Identity & Access Management

• Design and implement AWS IAM policies, roles, and permission boundaries following least privilege principles
• Develop automated solutions for identity lifecycle management in cloud environments
• Implement and manage privileged access management for AWS resources
• Configure and maintain AWS Single Sign-On and federation with corporate identity providers
• Design and implement secure service-to-service authentication mechanisms
• Conduct regular access reviews and implement automated compliance checks
• Develop and maintain IAM security frameworks and governance processes
• Implement automated detection and remediation of IAM policy violations

Compliance & Risk Management

• Ensure AWS environments meet relevant regulatory requirements and industry standards (e.g., SOC 2, ISO 27001, NIST)
• Develop and implement cloud security compliance frameworks and controls
• Perform cloud security risk assessments and develop risk treatment plans
• Lead cloud-focused security aspects of compliance audits and assessments
• Implement technical controls to meet compliance requirements
• Develop and maintain cloud security documentation for compliance purposes
• Design and implement data protection controls for regulated information in the cloud
• Partner with legal and compliance teams on regulatory and contractual security requirement

DevSecOps Collaboration

• Work closely with DevOps teams to implement security throughout the cloud deployment lifecycle
• Provide guidance on secure cloud architecture and configuration
• Develop security requirements and acceptance criteria for cloud deployments
• Review infrastructure as code for security consideration
• Participate in sprint planning and retrospectives to integrate security into agile processes
• Conduct security knowledge transfer sessions for development and operations teams
• Collaborate on resolving security findings and implementing remediation
• Champion a DevSecOps culture across the organization

Required Abilities and Skills

• Advanced expertise with AWS security services including GuardDuty, Security Hub, IAM, KMS, and CloudTrail
• Strong understanding of cloud security frameworks (AWS Well-Architected Framework, NIST CSF, CSA CCM)
• Hands-on experience implementing security controls in CI/CD pipelines
• Expert knowledge of infrastructure as code (IaC) security for AWS CloudFormation and/or Terraform
• Experience with cloud security posture management (CSPM) tools and processes
• Strong understanding of identity and access management principles in cloud environments
• Experience with automated security testing and continuous security validation
• Proficiency in scripting and programming (Python, Bash, etc.) for security automation
• Excellent understanding of network security, containerization security, and serverless security
• In-depth knowledge of DevSecOps principles and practices
• Excellent written and verbal communication skills

Preferred Abilities and Skills

• Experience with multi-cloud security strategies and implementation
• Knowledge of regulatory compliance requirements relevant to cloud environments
• Experience with container security (Docker, Kubernetes, ECS, EKS)
• Background in implementing Zero Trust architecture in AWS environments
• Experience with AWS automated incident response and remediation
• Knowledge of cloud-native security tools and platforms
• Experience with Hashicorp Vault or similar secrets management solutions
• Background in implementing security for data lakes and analytics platforms
• Experience with cloud workload protection platforms (CWPP)
• Knowledge of serverless security best practices
• Experience with cloud security in the energy efficiency or sustainability industries
• Background in threat modeling for cloud architectures
• Experience working with global teams and offshore development models

Education requirements

• Bachelor's degree in Cybersecurity, Computer Science, or related field; Master's degree preferred
• Minimum of 7+ years of experience in cybersecurity, with at least 5 years focused on cloud security
• Relevant security certifications (AWS Certified Security - Specialty, CCSP, CISSP, or equivalent)