Security Engineer - AWS Cloud Services

Description :

Role Overview :

We are seeking an experienced Security Engineer to safeguard our hybrid infrastructure spanning AWS cloud environments and on-premises data centers. You will design and implement security controls, monitor threats, respond to incidents, and ensure compliance with regulatory standards including SEBI requirements.

Key Responsibilities :

Cloud & Hybrid Security Architecture :

- Design and implement security controls across AWS cloud services and on-premises data centers

- Configure AWS security services including IAM, GuardDuty, Security Hub, CloudTrail, WAF, and KMS

- Define and maintain security baselines, hardening standards, and cloud security benchmarks CIS, NIST

- Implement zero-trust security principles across hybrid environments

Threat Detection & Incident Response :

- Monitor cloud and on-premises environments for security threats using SIEM/SOAR tools

- Develop detection rules, correlation logic, and threat hunting use cases

- Investigate and respond to security incidents including breach analysis and remediation

- Conduct forensic analysis and produce incident reports with RCA documentation

Vulnerability & Risk Management :

- Conduct regular vulnerability assessments, penetration testing, and security audits

- Implement vulnerability scanning and patch management processes

- Perform risk assessments and maintain risk registers

- Support VAPT remediation activities

Compliance & Governance :

- Ensure compliance with SEBI, ISO 27001, PCI DSS, SOC 2, and other regulatory frameworks

- Prepare audit evidence and control validation artifacts

- Maintain security documentation, policies, and operational runbooks

Infrastructure Security :

- Implement security hardening for Linux/Windows servers, databases, and network devices

- Manage encryption, PKI/certificate lifecycle, and key management

- Configure network security including firewalls, VPNs, and secure connectivity

- Secure containerized environments Docker, ECS, Kubernetes)

DevSecOps Integration :

- Integrate security into CI/CD pipelines and infrastructure-as-code workflows

- Automate security processes using Python, Bash, or PowerShell

- Implement security scanning in Terraform/CDKTF deployments

Required Qualifications :

- Bachelor's degree in Computer Science, Information Security, or related field

- 3 - 6 years of hands-on experience in cloud and infrastructure security

- Deep expertise in AWS security services and architecture

- Strong understanding of network security protocols, encryption, and access controls

- Experience with SIEM/SOAR platforms and threat detection tools

- Knowledge of compliance frameworks : ISO 27001, NIST, SOC 2, PCI DSS, SEBI

- Proficiency in scripting Python, Bash) for security automation

- Experience with vulnerability scanning and penetration testing

Preferred Qualifications :

- AWS Certified Security Specialty or CCSP certification

- CISSP, CEH, or equivalent security certifications

- Experience in financial services/regulated industries

- Familiarity with infrastructure-as-code security Terraform, CloudFormation)

- Understanding of DevSecOps practices and secure CI/CD