Data Unveil - Senior Cloud Security Engineer - SAST/DAST

Description :

At Data Unveil, we believe in delivering the best for our clients (Pharma Companies). We use the latest technology and tools to aggregate and analyze specialty healthcare data received from various data partners. We provide clear and hassle-free business insights to enhance the clients vision and drive business success.

Required Skills & Experience :

- Strong hands-on experience in AWS, and familiarity with Azure or GCP.

- Expertise in IAM, encryption, network security, logging, monitoring, and incident response within cloud environments.

- Proficiency with IaC (Infrastructure as Code) Terraform, or CloudFormation.

- Experience with container and Kubernetes security (EKS, AKS, GKE).

- Practical experience with SAST, DAST, and SCA tools integrated into CI/CD.

- Strong knowledge of vulnerability management tools (e.g., AWS inspector, Trend Micro Cloud One).

- Understanding of Zero Trust principles and shared responsibility models.

- Familiarity with automation and scripting (Python, Bash, PowerShell).

Key Responsibilities :

- Architect and implement cloud security frameworks aligned with organizational policies, regulatory standards, and industry best practices.

- Design and enforce Identity & Access Management (IAM) strategies, including least privilege, role-based access, and federated identity integration.

- Implement and manage cloud-native security controls AWS Guard Duty, Security Hub, Inspector, etc.

- Lead security assessments perform threat modelling, risk analysis, and security reviews of cloud architectures and deployments.

- Integrate security into CI/CD pipelines (DevSecOps) using tools like GitHub Actions, Jenkins, Terraform, CloudFormation, and container security tools.

- Manage vulnerability management lifecycle scanning, triaging, remediation, and verification.

- Define and implement network security controls firewalls, WAFs, VPC segmentation, and private connectivity (Transit Gateway, Private Link, etc.).

- Monitor, detect, and respond to cloud security incidents using SIEM/SOAR tools (Splunk, Sentinel, CloudWatch, Trend Micro Vision One, etc.).

- Collaborate with application and infrastructure teams to embed security best practices throughout the SDLC.

- Perform regular compliance checks against benchmarks such HIPAA, SOC 2, etc.

- Conduct SAST/DAST reviews for cloud-hosted applications and work closely with development teams to address vulnerabilities.

- Mentor junior engineers and drive internal knowledge-sharing initiatives on cloud security topics.

- Stay current on emerging cloud security threats, zero-day vulnerabilities, and AI-driven attack trends.