We’re seeking a future team member for the role of Senior Vice President to join our Information Security team. This role is located in Pune.
Be part of a team focused on strengthening enterprise cloud security capabilities across public cloud and cloud-native environments.
Contribute to the implementation of secure cloud design patterns, technical standards, and control requirements.
Partner closely with cloud engineering, DevSecOps, IAM, platform teams, and cyber stakeholders.
Gain experience across cloud security engineering, automation, posture management, and governance support.
Help translate cloud security requirements into practical technical controls and repeatable implementation patterns.
Support cloud security strategy and governance through engineering execution, control adoption, and reporting inputs.
- Lead the engineering, implementation, and continuous improvement of cloud security controls for identity and access management, network security, encryption, key management, secrets management, logging, monitoring, and workload protection in AWS, Azure, or GCP.
- Act as an AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes.
- Support the adoption of AI-driven capabilities for threat detection, risk analysis, automation, incident response, and security operations.
- Translate security and control requirements into repeatable engineering solutions and implementation standards.
- Support the design and implementation of technical controls aligned to NIST SP 800-53 and related enterprise security requirements.
- Lead implementation efforts for container, Kubernetes, API, and cloud-native workload security controls.
- Drive the operational maturity of Cloud Security Posture Management (CSPM) capabilities to identify misconfigurations, policy violations, excessive permissions, exposed assets, and control drift.
- Partner with engineering and cyber teams to optimize Wiz and similar CSPM/CNAPP platforms, including workflow integration, prioritization, remediation support, and reporting.
- Design and strengthen the use of cloud-native posture and policy services, including AWS Config, AWS Security Hub, AWS Organizations SCPs, Azure Policy, Microsoft Defender for Cloud, GCP Organization Policy, and Security Command Center.
- Define and implement policy-as-code, automated guardrails, and infrastructure-as-code patterns to improve control consistency and reduce manual processes.
- Provide senior technical guidance to cloud engineers, DevSecOps practitioners, and application teams on secure cloud implementation practices.
- Partner with cloud architects and governance stakeholders to improve standards adoption, exception handling, and control coverage.
- Help define cloud security metrics, remediation priorities, and technical reporting that support governance and risk management objectives.
- Contribute to audit, regulatory, and control review activities by explaining technical implementations, evidence, and remediation status.
Maintain and improve documentation for cloud security standards, design patterns, engineering procedures, and operating guidance.
-
- 18+years of experience in cloud security engineering, security engineering, DevSecOps, infrastructure security, or a related security engineering role.
- Strong hands-on experience securing workloads and services in AWS, Azure, or GCP.
- Strong knowledge of cloud security principles across IAM, networking, encryption, secrets management, logging, workload protection, resilience, and secure service consumption.
- AI enabler for cloud security by identifying, assessing, and promoting AI use cases that improve security outcomes.
- Experience with security automation, orchestration, analytics, and AI-driven security tooling.
- Experience implementing cloud security controls at scale in enterprise or regulated environments.
- Strong familiarity with NIST SP 800-53, MCSB and related control concepts, especially in areas such as: Access Control (AC), Audit and Accountability (AU), Configuration Management (CM), Identification and Authentication (IA), Incident Response (IR), Risk Assessment (RA), System and Communications Protection (SC), System and Information Integrity (SI)
- Strong understanding of Cloud Security Posture Management (CSPM) concepts, including continuous compliance monitoring, misconfiguration detection, exposure analysis, and governance workflows.
- Experience with CSPM/CNAPP tools such as Wiz, Prisma Cloud, Orca, Lacework, or similar platforms.
- Experience with cloud-native policy and posture tools, such as: AWS Config , AWS Security Hub , AWS Organizations SCPs , Azure Policy , Microsoft Defender for Cloud , GCP Organization Policy , Google Security Command Center
- Experience developing or supporting policy-as-code and automated guardrails using tools such as OPA/Rego or equivalent policy frameworks.
- Strong experience with Infrastructure as Code and automation using Terraform, CloudFormation, ARM, Bicep, Python, or similar tooling.
- Experience with container and Kubernetes security, API security, vulnerability management, and cloud-native control implementation.
- Experience supporting or contributing to cloud security strategy, governance processes, standards, exception handling, remediation tracking, and risk reporting.
- Strong technical judgment, problem-solving ability, and cross-functional collaboration skills.
- Strong written and verbal communication skills, including the ability to explain technical controls in business and risk terms.
- Bachelor's degree in computer science, engineering, cybersecurity, or related discipline, or equivalent practical experience.
- Experience in a regulated industry such as financial services.
- Familiarity with CIS Benchmarks, CSA CCM, OWASP, or NIST CSF.
- Experience supporting remediation workflows tied to cloud security findings.
- Exposure to architecture review, risk assessments, or cloud governance processes.
- Relevant certifications such as: AWS Security Specialty, Azure Security Engineer Associate , Google Professional Cloud Security Engineer , CCSP
- Lead the implementation and improvement of cloud security controls across supported cloud platforms.
- Implement and maintain cloud security controls across supported platforms with Cloud native policies, WIZ rules.
- Able to fluently work with KQL, WIZ, Splunk, Azure Policies, bash, Powershell, gcloud, Terraform, Log Analytics, Microsoft Sentinel, Gitlab – All development tools fluently in an enterprise setting.
- Implement and mature cloud controls aligned to NIST SP 800-53 and enterprise requirements.
- Strengthen technical traceability, evidence support, and control consistency.
- Identify, prioritize, and help remediate control gaps across cloud environments.
- Work with platform, DevOps, architecture, and application teams to embed security into engineering workflows.
- Promote adoption of automated controls, secure design patterns, and policy enforcement.
- Provide senior-level technical guidance that improves secure cloud adoption at scale.
Support in review high-risk cloud initiatives and document residual risk, exceptions, and compensating controls.
Support governance forums, audits, and regulatory reviews with defensible engineering rationale.
Balance security, resilience, cost, and engineering usability in decision making.
Support cloud security strategy and governance through technical leadership, control implementation, and reporting inputs.
Contribute to standards adoption, remediation governance, exception handling, and security maturity efforts.
Partner with stakeholders to improve control effectiveness and support risk-based decision-making.
Drive posture management processes across third-party and cloud-native capabilities.
Improve detection, prioritization, and remediation of misconfigurations, policy violations, and exposure risks.
Help operationalize Wiz or similar tooling alongside native cloud policies and governance workflows.
Act as an AI enabler by identifying opportunities to apply AI to strengthen cloud security outcomes.
Support implementation of AI capabilities to improve threat detection, posture analysis, risk prioritization, and security operations efficiency.
Help streamline cloud security tooling, processes, and workflows through intelligent automation and AI-driven insights.
Partner with engineering, platform, and security teams to embed AI capabilities into cloud security operations and decision-making.
Promote practical and responsible use of AI as a force multiplier for cloud security effectiveness, scalability, and operational maturity
Cloud security controls are implemented consistently, effectively, and at scale.
AI is integrated into all processes and controls in support to increase controls effectiveness and streamline operational efforts
Security is embedded into engineering and deployment workflows with reduced manual effort.
Posture management findings are better prioritized, more actionable, and more effectively remediated.
Wiz, cloud-native policies, and automation capabilities work together to improve visibility and reduce cloud risk.
Cloud control implementations demonstrate alignment to NIST SP 800-53 and enterprise standards.
Engineering teams adopt secure patterns more consistently with fewer design and control exceptions.
Governance and audit stakeholders receive clearer technical support, evidence, and remediation transparency.
