Responsibilities :

- Implement CSPM tools (defender for cloud, wiz, Orca, Prisma) to secure cloud-native applications across containers, serverless environments, and VMs.

- Integrate security scans into CI/CD pipelines to enable DevSecOps best practices.

- Manage detection, compliance checks, and runtime protection for Kubernetes and cloud workloads.

- Develop and enforce policies for secure application deployment in cloud-native environments.

- Design and maintain automated security workflows using CSPM tools across multi-cloud environments (AWS, Azure, GCP).

- Perform risk assessments on containerized applications and serverless functions in a cloud-native DevOps ecosystem.

- Enable real-time threat detection and incident response for containerized workloads and cloud services.

- Define and implement best practices for Baseline controls, and compliance reporting.

- Lead initiatives to embed security controls into Kubernetes clusters, microservices, and CI/CD pipelines.

- Monitor and optimize policies to adapt to evolving cloud-native application architectures.

- Drive security automation initiatives to minimize manual intervention and increase DevSecOps maturity.

- Identify and address vulnerabilities in cloud configurations, ensuring compliance with industry standards and monitoring cloud infrastructure for security gaps.

- Implement and manage CSPM tools to monitor and improve cloud security posture.

- Develop and maintain Terraform scripts for secure cloud infrastructure provisioning.

- Automate security checks and remediation workflows using Python.

- Analyze cloud security findings and drive remediation efforts.

- Create dashboards and reports for visibility into cloud risk and compliance.

- Ensure compliance with industry standards (e.g., CIS benchmarks, NIST, ISO 27001).

Preferred Requirements :

- Hands-on experience with Terraform for automating infrastructure provisioning and security.

- Hands on experience with CSPM tools like Wiz and CSPM for monitoring and improving cloud security posture.

- Proficiency in scripting and automation using Python, Ansible & other scripting language to streamline processes.

- Strong understanding of cloud environments (AWS, Azure, GCP) and their native security services.

- Knowledge of DevSecOps principles, including integrating security into CI/CD pipelines and adopting Infrastructure as Code (IaC) practices.

- Ability to adapt security workflows to evolving multi-cloud and containerized application architectures.

Required :

- Minimum of 5 years of IT experience

- At least 3+ years of Hands-on experience in CSPM tools (e.g., Prisma Cloud, Orca Security, Wiz, Defender for cloud)

- At least 2+ years of application development in python for automation and scripting

- At least 2+ Experience with programming languages such as Terraform for Proficiency for infrastructure-as-code.

- 3-5 years of experience in managing and securing multi-cloud environments (AWS, Azure, GCP) with native security tools.

- 4+ years of experience in cloud security.