Key Responsibilities
Cloud Security Architecture & Governance
- Define and maintain multi-cloud security architectures aligned with organizational security strategy and compliance requirements.
- Develop and enforce cloud security policies, standards, and guardrails for Azure, AWS, and GCP.
- Conduct threat modeling and risk assessments for new cloud services and workloads.
Security Posture Management & Tooling
- Deploy, configure, and optimize Microsoft Defender for Cloud, Wiz, or CrowdStrike for CSPM, CWPP, and CNAPP capabilities.
- Integrate security findings into SIEM/SOAR workflows and drive remediation with engineering teams.
- Implement cloud-native security services such as Azure Policy, AWS Security Hub, and GCP Security Command Center.
DevSecOps & Automation
- Embed security into CI/CD pipelines using GitHub Actions, Azure DevOps, or Jenkins.
- Implement policy-as-code and IaC security scanning for Terraform, Bicep, and CloudFormation templates.
- Automate security controls and compliance checks using Python, PowerShell, or equivalent scripting languages.
Identity, Access & Network Security
- Design and enforce least privilege IAM policies, role-based access control, and conditional access across cloud platforms.
- Implement network segmentation, private endpoints, and firewall policies to secure workloads.
Monitoring, Detection & Incident Response
- Configure and monitor Defender for Cloud, Wiz, or CrowdStrike dashboards for anomaly detection and threat s.
- Lead cloud security incident investigations, root cause analysis, and remediation efforts.
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
- 5+ years of experience in cloud security, with strong expertise in Azure and exposure to AWS/GCP.
- Hands-on experience with Microsoft Defender for Cloud, Wiz, or CrowdStrike for CSPM, CWPP, and CNAPP.
- Strong knowledge of IAM, encryption, network security, and container security in cloud environments.
- Experience with DevSecOps practices, including IaC security and pipeline integration.
- Familiarity with compliance frameworks (CIS, NIST, ISO 27001, SOC 2).
- Scripting proficiency in Python or PowerShell.
Preferred Qualifications
- Certifications: Azure Security Engineer Associate, CCSP, or CISSP.
- Experience with Zero Trust Architecture and micro-segmentation.
- Knowledge of Kubernetes security (AKS, EKS, GKE) and container runtime protections.
- Additional certifications such as Azure Solutions Architect Expert, Azure Administrator Associate, or Azure DevOps Engineer Expert are highly desirable.
Tools & Technologies
- Cloud Platforms: Azure, AWS, GCP
- Security Tools: Microsoft Defender for Cloud, Wiz, CrowdStrike, SIEM/SOAR platforms
- IaC & Automation: Terraform, Bicep, CloudFormation, OPA/Conftest
‘Grant Thornton INDUS’ comprises GT U.S. Shared Services Center India Pvt Ltd and Grant Thornton U.S. Knowledge and Capability Center India Pvt Ltd. Grant Thornton INDUS is the shared services center supporting the operations of Grant Thornton LLP, the U.S. member firm of Grant Thornton International Ltd. Established in 2012, Grant Thornton INDUS employs professionals across a wide range of disciplines including Tax, Audit, Advisory, and other operational functions. What sets us apart isn’t just what we do – it’s how we do it. We support and enable the firm’s purpose of making business more personal and building trust into every result. We’re collaborators – obsessed with quality and ready for anything – who understand the value of strong relationships. Our professionals are well integrated to seamlessly support the U.S. engagement teams, help increase Grant Thornton’s access to a wide talent pool, and improve operational efficiencies. Empowered people, bold leadership, and distinctive client service are imbibed in the culture at Grant Thornton INDUS. We are a transparent, competitive, and excellence-driven firm that offers an opportunity to be part of something significant. In addition, professionals at Grant Thornton INDUS serve communities in India through inspirational and generous services to give back to the communities they work in. Grant Thornton INDUS has its offices in two locations in India – Bengaluru and Kolkata