Job Summary: We are seeking a Cloud-Native Security Engineer to safeguard our cloud-based applications and infrastructure. This role involves designing and implementing robust security measures, conducting risk assessments, and ensuring compliance with industry standards and regulations. The ideal candidate will collaborate with development and operations teams to embed security throughout the software development lifecycle (SDLC).
Key Responsibilities: - Security Architecture & Implementation
- Design and implement security architectures for cloud-native applications.
- Develop and apply security controls to protect cloud environments.
Risk Assessment & Management: - Conduct security assessments and vulnerability scans.
- Identify, evaluate, and mitigate risks associated with cloud services.
Policy & Compliance: - Create, maintain, and enforce security policies, standards, and procedures.
- Ensure adherence to regulatory requirements and security best practices.
Collaboration & Integration: - Partner with development teams to integrate security into CI/CD pipelines.
- Work with IT and operations teams to maintain secure cloud configurations.
Monitoring & Incident Response: - Monitor cloud environments for security events and anomalies.
- Lead incident response efforts and conduct post-incident reviews.
Training & Awareness - Deliver security training and awareness programs to internal teams.
- Stay current with emerging threats, vulnerabilities, and technologies in cloud security.
Qualifications: Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Experience: - 3+ years of experience in cloud security or a related field.
- Hands-on experience working with cloud platforms such as AWS, Azure, or Google Cloud.
- Familiarity with cloud-native technologies like containers (e.g., Docker) and orchestration tools (e.g., Kubernetes).
- Experience securing applications built using cloud-native architectures, including microservices and serverless functions.
- Exposure to CI/CD pipelines and integrating security tools into the software development process.
Technical Skills: - Proficiency with security tools (e.g., firewalls, IDS/IPS, SIEM).
- Strong understanding of security frameworks (e.g., NIST, ISO 27001).
Certifications: Preferred: Certified Cloud Security Professional (CCSP), AWS Certified Security - Specialty, or equivalent.
Soft Skills: - Strong analytical and problem-solving abilities.
- Excellent communication and interpersonal skills.
- Team-oriented mindset with a proactive approach to collaboration.