Cloud App Security Engineer

Every company wants to change the world, and we are doing it. Skylo’s unique service allows standard cellular devices to simply connect directly over both cellular and satellite networks seamlessly for data, messaging, SOS and other critical applications. We are bringing hybrid cellular - satellite connectivity to ordinary cellular devices.

We have an open opportunity to join our team as a Cloud App Security Engineer, onsite, in Bangalore, India to ensure comprehensive security around development and maintenance of technology assets and partnerships for a next generation Satellite IoT service.

Responsibilities:

• Cloud Security Review: Conduct regular assessments and reviews of cloud deployments to identify security vulnerabilities, misconfigurations, and compliance gaps.
• Security Testing: Conduct security testing of web applications, APIs, container and mobile applications using a variety of tools and techniques, including static analysis, dynamic analysis, and penetration testing.
• Security Improvement Initiatives: Develop and implement strategies to continuously improve the security of cloud deployments, including enhancing security controls, implementing automation, and optimizing security configurations.
• DevSecOps Implementation: Lead the adoption of DevSecOps practices in cloud environments by integrating security into the software development lifecycle, including design, development, testing, deployment, and operations.
• Security Automation: Develop and maintain security automation scripts, tools, and pipelines to automate security tasks, such as vulnerability scanning, compliance checks, and security testing.
• Vulnerability Management: Identify and prioritize security vulnerabilities discovered during security testing and collaborate with development teams to ensure timely remediation.
• Security Incident Response: Develop and maintain incident response procedures for cloud environments, including monitoring, detection, investigation, and remediation of security incidents.
• Collaboration: Work closely with development teams, DevOps engineers, architects, and other stakeholders to ensure that security is integrated into all aspects of cloud deployments and operations.
• Documentation: Maintain accurate documentation of security policies, procedures, configurations, and incidents related to cloud deployments.

Requirements:

• 6 to 8 years of proven experience in security domain or similar role
• Strong understanding of cloud architecture and security principles, with experience in Google Cloud Platform, AWS, or Azure.
• Hands-on experience with DevSecOps tools and practices, such as infrastructure as code (IaC), continuous integration/continuous deployment (CI/CD), and security automation.
• Proficiency in scripting and programming languages, such as Python, PowerShell, or Bash.
• Strong understanding of web application security principles, common vulnerabilities, and attack vectors, such as OWASP Top 10 and SANS 25.
• Experience with security testing tools such as Burp Suite, OWASP ZAP, Veracode, or similar tools.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams.
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Advanced degrees and industry certifications, such as CISSP, CEH or OSCP are a plus.