- Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines. (GitLab CI, Jenkins, GitHub Actions, etc.

- Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.

- Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.

- Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.

- Solid knowledge of access management, encryption, logging/monitoring, and network security principles.

- Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.

- Excellent written and verbal communication skills with experience writing policies and technical documentation.

Preferred Qualifications :

- Professional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or AWS Security Specialty etc.

- Experience with compliance automation platforms.

- Background in regulated industries such as fintech, healthcare, or government.