Lead Cloud Security Engineer

What you'll do

• Own the cloud security posture management program (CSPM) and continuously improve cloud security configurations aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance
• Uplift and evolve detection policies on CSPM to optimize detection capabilities and draft technical standards for remediation of vulnerabilities
• Own and manage an integrated vulnerability management dashboard to bring visibility on technical debt
• Evolve and mature security stack to support a multi-cloud strategy in a high-density containerized environment
• Refer CIS benchmarks and customize hardening standards as per technology stack evolution
• Engineer and uplift adoption of Infrastructure as Code program in pre-provisioning phase and Policy as Code to continuous monitoring of risk configuration changes
• Perform risk assessment of proposed and existing cloud architecture adhering to cloud security policies, procedures, and standards, recommending controls to mitigate risks
• Design and develop frameworks and solutions to secure CI/CD pipelines
• Test, review, and implement container security on GKE, EKS, or AKS
• Work with infra/product engineering teams to define baseline security configuration, build continuous visibility for detecting misconfigurations/vulnerabilities reported by CSPM, and mature remediation practices
• Provide SME in analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks
• Work with cloud vendors and external security researchers to resolve security gaps in InMobi’s Cloud
• Develop, monitor, and manage cloud performance and hygiene metrics (KCI, KPI, KRI)
• Prepare and deliver training and security awareness activities to Engineering teams

Requirements

• 7 years of experience in the Cloud security domain
• Hands-on experience with Azure/AWS/GCP security best practices and services
• Strong knowledge of virtualization, Docker, containers, and their orchestration with its challenges
• Hands-on knowledge of Kubernetes (PSP, Network policy, admission controller, etc.)
• Strong understanding of network concepts and web-related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, TLS, DDoS detection/prevention)
• Hands-on experience with infrastructure automation tools like Terraform
• Knowledge of common and industry-standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.)
• Experience reviewing and understanding cloud architecture and security best practices
• Ability to work independently with little direction and/or supervision
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization
• Keen attention to detail with the ability to correct on the fly and work independently
• Curiosity to learn and adopt emerging technologies
• Knowledge of Security Operations Centre / Incident Management (good to have, not mandatory)
• Holds Associate or Professional-level Cloud and Kubernetes certification(s), GCP/CKA/CKS preferred
• A Degree in Information Systems, Information Technology, Computer Science, or Engineering from an accredited college or university

Tech stack

Benefits