Senior Engineer - Cloud Security
Bengaluru
Applications have closed
Zeta
Zeta is the world’s first Omni Stack for credit cards. A single stack for Origination, Processing, FRM, Rewards, Loans, APIs, and AppsAbout the Role
As a Cloud Security Professional, you will be playing a pivotal role in enabling Zeta in detecting and mitigating various vulnerabilities and automating the process at an early stage and making sure infrastructure and applications are secure. You will work with an amazing peer group that fuels this ambition.
Responsibilities
- Implement cloud security initiatives for entire organization Improve Cloud security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
- Prepare and present reports of Vulnerability Assessment, Automation, Penetration Testing etc.
- Oversee the planning and coordination of Cloud security Deploy, Maintain and Support Log Aggregation, Vulnerability and Threat Detection Solutions with associated visualizations so that real-time identification of issues can be performed.
- In addition to the above specific responsibilities, as Cloud Security Engineer in Information Security division of Zeta, you will be responsible for:
- Hiring decisions, hiring process definition, and continuous improvements. Broad knowledge of security domain with an understanding of cloud & kubernetes vulnerabilities, secure configurations and mitigation mechanisms
- Perform review and validation of all deliverables for Cloud Security
- Educate DevOps, Devs and Security Team
- Continuous improvement of Cloud Security postureI
- ntegrating various tools into CI/ CD and automate repetitive tasks
- Make sure the environment is compliant to CIS, NIST, PCI etc.
- Ensure that Security Standards are being adopted by the Product Team covering both Cloud, On-Prem, SaaS, PaaS and IaaS.
Skills
- To be successful in this role, the following are the areas of expertise classified by their importance:
- Critical: Solid understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS, Azure etc.
- Experience of CI/CD Pipeline implementation and at least one tool (Jenkins, ArgoCD, Bitbucket Pipelines etc)Experience in at least one scripting language (Bash, Python, Java etc)Experience containerization and Kubernetes
- Experience of automating and templating security processes and documentation for compliance purposes.
- Hands on experience of vulnerability assessments, Penetration Testing, Web Application Security, data privacy, identify access management etc.
- Experience of at least 2 active and passive security tooling (OWASP ZAP, Veracode, Checkmarx, Fiddler etc)Experience on Infrastructure as Code solution (Terraform, Ansible, Chef etc)Advantage: experience with security tools like Prisma, Aqua, Clair, Hashicorp Vault, etc.
- High:
- Conduct Architecture and Design review to provide guidance and security assurance around best practices and frameworks.
- Work closely with the DevOps teams and share security insight
- Knowledge of development practices using Java and Nodejs, Docker, Kubernetes and other container orchestration services
- Experience with Secure Code Quality Tools, Testing and Techniques - ZAP, Wireshark, Sonarqube, Metasploit etc.
- Understanding of security frameworks, controls and processes - CIS, NIST, PCI/DSS. SOCI/II, etcMedium experience in one or more languages - NodeJS, GoLang, Python, Perl, Ruby, Bash, Javascript, Java etc.
- Ability to document risks, security controls and evidence to ensure compliance
Experience and Qualifications
Equal OpportunityZeta is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all backgrounds, cultures, and communities to apply and believe that a diverse workforce is key to our success* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible APIs Application security Automation AWS Azure Banking Bash Bitbucket Checkmarx CI/CD Cloud Compliance Computer Science DevOps DevSecOps Docker Golang IaaS Java JavaScript Jenkins Kubernetes Metasploit NIST Node.js OWASP PaaS Pentesting Perl Privacy Python R&D Ruby SaaS Scripting SonarQube Terraform Threat detection Veracode Vulnerabilities
Perks/benefits: Startup environment
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs