Cloud Security Engineer

Key Skills: HTTP, UDP, IPSec, TCP/IP, AWS Cloud, HTTPS

Roles and Responsibilities:

• Work on cloud security posture management program (CSPM) and focus on continuous improvement of cloud security configurations aligned to global standards like NIST CSF, ISO 27001, ISO 31000, and Cloud Security Alliance.
• Uplift and evolve detection policies on CSPM to optimize detection capabilities and draft technical standards for remediation of vulnerabilities identified on the cloud stack.
• Develop an integrated vulnerability management dashboard to enhance visibility on technical debt.
• Evolve and mature the security stack to support a multi-cloud strategy in a high-density containerized environment.
• Engineer and uplift the adoption of Infrastructure as Code (IaC) in the pre-provisioning phase and Policy as Code (PaC) for continuous monitoring of risk configuration changes.
• Perform risk assessments of proposed and existing cloud architecture, recommending technical and administrative controls to mitigate identified risks.
• Design and develop frameworks and solutions to secure CI/CD pipelines.
• Collaborate with infrastructure and product engineering teams to define baseline security configurations and build continuous visibility for detecting misconfigurations and vulnerabilities reported by CSPM.
• Provide subject matter expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks.
• Work with cloud vendors and external security researchers to resolve security gaps in InMobi's Cloud.
• Develop, monitor, and manage cloud performance and hygiene metrics (KCI, KPI, KRI).
• Prepare and deliver training and security awareness activities to the engineering teams.

Skills Required:

• Strong understanding of network protocols: TCP/IP, HTTP, IPSec, UDP
• Hands-on experience with AWS Cloud and multi-cloud strategy
• Familiarity with cloud security standards: NIST CSF, ISO 27001, Cloud Security Alliance
• Proficiency in IaC (Infrastructure as Code) and PaC (Policy as Code)
• Knowledge of vulnerability management, CSPM tools, and CI/CD pipeline security
• Experience with container security, risk assessment, and secure cloud architecture

Education: B.E., B.Tech, B.Tech M.Tech (Dual), M.E., M.Tech in Computer Engineering, Computer Science, or related fields