Senior Security Engineer

This role is for one of Weekday's clients
Salary range: Rs Rs ie INR 30-55 LPA)
Min Experience: 8 years
Location: Chennai
JobType: full-time

Key Responsibilities

AWS Cloud Security Architecture

• Design and implement comprehensive security architecture for AWS cloud environments
• Configure and manage AWS Shield for DDoS protection across payment processing infrastructure
• Implement and optimize AWS CloudFront security configurations including WAF rules, SSL/TLS, and origin protection
• Secure AWS services including EC2, ECS, EKS, Lambda, RDS, S3, and API Gateway
• Design and implement network security controls using VPC, Security Groups, NACLs, and AWS Transit Gateway
• Establish secure CI/CD pipelines for applications and GoLang microservices

Application & Infrastructure Security

• Secure applications running on AWS infrastructure including container and serverless environments
• Implement security controls for GoLang microservices deployed across multiple AWS regions
• Configure and manage AWS WAF rules for web application protection
• Implement container security for Docker containers running and GoLang applications
• Secure Kubernetes clusters (EKS) hosting microservices architecture
• Manage secrets and configuration security using AWS Secrets Manager and Parameter Store

Monitoring & Incident Response

• Implement comprehensive security monitoring using AWS CloudTrail, GuardDuty, and Security Hub
• Deploy and manage Prowler for continuous AWS security monitoring and compliance validation
• Utilize ScoutSuite for regular multi-cloud security posture assessments
• Configure Gitleaks monitoring for continuous secret detection across development workflows
• Implement OpenGrep rules for real-time security vulnerability detection in application code
• Configure CloudWatch alarms and automated incident response workflows
• Develop and maintain security dashboards and reporting mechanisms
• Respond to security incidents and conduct forensic analysis in cloud environments
• Implement automated threat detection and response capabilities
• Monitor and analyze CloudFront access logs and security events

Compliance & Risk Management

• Ensure AWS infrastructure compliance with financial industry regulations (PCI DSS, SOX, GDPR)
• Conduct regular security assessments using Prowler for AWS compliance validation and ScoutSuite for comprehensive security audits
• Implement continuous compliance monitoring through automated tools and custom security frameworks
• Implement and maintain data protection controls for payment processing workloads
• Perform risk assessments for cloud services and architectures
• Develop and maintain disaster recovery and business continuity plans
• Support compliance audits and regulatory assessments

Automation & DevSecOps

• Implement Infrastructure as Code (IaC) security using Terraform, CloudFormation, and AWS CDK
• Integrate Gitleaks for automated secret scanning in CI/CD pipelines and repositories
• Deploy OpenGrep (Semgrep) for static analysis and security vulnerability detection in and GoLang codebases
• Utilize Prowler for comprehensive AWS security assessments and compliance checks
• Implement ScoutSuite for multi-cloud security auditing and configuration reviews
• Develop security automation scripts and tools using Python, Bash, and AWS SDKs
• Integrate security scanning and compliance checks into CI/CD pipelines
• Automate security policy enforcement across AWS accounts and regions
• Implement automated remediation for common security misconfigurations
  

Required Qualifications

Experience

• 8+ years of experience in cloud security, with strong focus on AWS cloud environments
• Hands-on experience with AWS Shield (Standard and Advanced) for DDoS protection
• Extensive experience securing AWS CloudFront distributions including WAF integration and SSL/TLS configuration
• Strong experience securing applications in cloud environments
• Proven experience with GoLang microservices security in containerized and serverless architectures
• Hands-on experience with security automation tools including Gitleaks, OpenGrep, Prowler, and ScoutSuite
• Experience with AWS security services (GuardDuty, Security Hub, Config, CloudTrail)
• Knowledge of financial services security requirements and payment processing compliance

Technical Skills

• Advanced proficiency in AWS security services and best practices
• Deep understanding of AWS Shield and DDoS mitigation strategies
• Expert-level knowledge of AWS CloudFront security configurations and optimization
• Strong security knowledge for applications including dependency management and runtime security
• Comprehensive understanding of GoLang microservices security patterns and secure coding practices
• Proficiency with security automation tools: Gitleaks (secret scanning), OpenGrep/Semgrep (static analysis), Prowler (AWS security assessment), ScoutSuite (multi-cloud auditing)
• Proficiency in Infrastructure as Code (Terraform, CloudFormation, AWS CDK)
• Experience with container security (Docker, Kubernetes/EKS)
• Knowledge of network security protocols and AWS networking services
• Scripting and automation skills (Python, Bash, PowerShell)

Security Expertise

• Deep understanding of cloud security frameworks (NIST, CSA, AWS Well-Architected Security Pillar)
• Knowledge of web application security and API security best practices
• Experience with vulnerability management and security testing tools
• Understanding of cryptography, PKI, and secure communication protocols
• Knowledge of identity and access management (IAM) and zero-trust architecture
• Experience with security monitoring, SIEM, and incident response
  

Nice to Have

Certifications

• AWS Security Specialty certification
• AWS Solutions Architect or DevOps Engineer certifications
• Additional security certifications (CISSP, CCSP, CEH, CISSP)
• Cloud security certifications from other providers (Azure, GCP)

Additional Skills

• Experience with multi-cloud security architectures
• Knowledge of serverless security (AWS Lambda, API Gateway)
• Experience with compliance frameworks (SOC 2, PCI DSS, ISO 27001)
• Familiarity with threat modeling and risk assessment methodologies
• Experience with security orchestration and automated response (SOAR)
• Knowledge of machine learning for security analytics
• Experience with payment processing and financial services infrastructure
• Understanding of microservices mesh security (Istio, Consul Connect)
  

Key Abilities and Traits

Cloud Security Expertise: Demonstrated ability to design and implement comprehensive security controls for complex AWS environments processing sensitive financial data.

Technical Leadership: Capable of leading cloud security initiatives, influencing architecture decisions, and mentoring team members on cloud security best practices.

Problem-Solving: Strong analytical skills with the ability to troubleshoot complex cloud security issues and implement innovative solutions.

Automation Mindset: Commitment to automating security processes and implementing security-as-code practices across the infrastructure lifecycle.

Communication: Excellent verbal and written communication skills, capable of explaining complex cloud security concepts to both technical and business stakeholders.

Continuous Learning: Commitment to staying current with evolving AWS services, cloud security threats, and industry best practices.

Detail-Oriented: Meticulous attention to detail when implementing security controls and reviewing cloud configurations.

Project Management: Ability to manage multiple cloud security projects simultaneously while ensuring compliance with regulatory requirements.