Job Title: Cloud Security Engineer
Location: Bangalore
Department: Technology
Reports to: Head of Cloud Infra
TookiTaki, the global leader building the Trust Layer for Financial Services, is strengthening its cloud security foundation as we scale our AI-driven AML and fraud-detection platforms across global banks and fintechs. We are looking for a Cloud Security Engineer who blends deep cloud expertise with uncompromising security standards — someone who can design, harden, and defend the cloud environments that power our mission. If secure, resilient, and scalable infrastructure is your playground, welcome home.
1. Cloud Security Architecture:
- Design and implement secure cloud architectures across AWS
- Ensure systems meet enterprise-grade security, availability, and performance requirements.
- Drive secure-by-default principles across deployments, services, and automation pipelines.
2. Security Hardening & Compliance:
- Own and maintain PCI-DSS–aligned cloud security controls.
- Lead infrastructure hardening across compute, data, storage, network, and IAM.
- Implement end-to-end compliance guardrails, auditing, and continuous monitoring.
- Drive patching, vulnerability management, and threat exposure reduction.
3. Threat Detection & Incident Response:
- Develop runtime threat detection and alerting frameworks (SIEM/SOAR, IDS, CSPM).
- Conduct compromise assessments and respond to potential breaches with speed and clarity.
- Act as the primary escalation point for security incidents and lead root cause analysis.
- Continuously enhance detection logic using emerging threats from the AFC ecosystem.
4. Security Automation & DevSecOps:
- Integrate security tooling into CI/CD workflows (SAST, SCA, DAST, secrets scanning).
- Automate policies using IaC (Terraform/CloudFormation) and policy-as-code frameworks.
- Build automated remediation playbooks to reduce manual intervention. Identity, Access & Secrets Management
- Implement and govern IAM standards across cloud environments.
- Build least-privilege, zero-trust access frameworks.
- Maintain secure secrets management via Vault, KMS, or similar tooling.
5. Disaster Recovery & Business Continuity
- Lead DR planning and execution with clear RTO/RPO targets.
- Achieve 99.9% secure and compliant uptime for all cloud infrastructure.
- Reduce high-risk vulnerabilities by 90% within the first 6 months.
- Implement full Cloud Security Monitoring & Alerting within 90 days.
- Shift-left security across CI/CD pipelines with 100% automated checks.
- Reduce mean time to detect (MTTD) and mean time to respond (MTTR) for security incidents by 50%.
- Required: Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent.
- Preferred: Master’s degree in Cybersecurity or Cloud Security.
- 4–6 years in cloud engineering or cloud security roles.
- Proven hands-on experience securing cloud platforms AWS at scale.
- Experience in regulated or compliance-heavy environments (fintech, banking, regtech) preferred.
- Strong understanding of cloud security frameworks (CIS, NIST, PCI-DSS).
- Expertise with IaC tools: Terraform, CloudFormation.
- Hands-on experience with Kubernetes security (EKS)
- Ability to detect, triage and prevent network-level vulnerabilities and misconfigurations in the cloud infrastructure.
- Hands-on with container security (Docker, Kubernetes, EKS/GKE).
- Experience with cloud-native security tools (GuardDuty, Security Hub, GCP SCC, Prisma, Wiz, etc.).
Strong knowledge of monitoring & logging stacks (ELK, Prometheus, Grafana). Proficiency in Python, Go, or Java for security automation.
- Exceptional problem-solving and analytical thinking.
- Clear communication — security without theatrics or jargon.
- Ability to operate in a fast, dynamic, and global environment.
- High ownership and accountability.
- Infrastructure Expertise: Deep understanding of cloud platforms and scalable architecture design.
- Automation and Optimization: Ability to streamline processes and improve cost-efficiency.
- Collaboration: Work effectively with engineering and operational teams.
- Ownership: Take full responsibility for the cloud infrastructure and its performance.
- Adaptability: Thrive in dynamic and rapidly changing environments.
- Maintain 99.9% uptime across all cloud infrastructure.
- Achieve a 20% reduction in cloud costs within six months.
- Complete automation of CI/CD pipelines, reducing deployment lead times by 50%.
- Resolve critical production incidents within 30 minutes on average.
- Implement a robust monitoring system with minimal false alerts.
- Competitive Salary: Aligned with industry standards and experience.
- Professional Development: Access to training in big data, cloud computing, and data integration tools.
- Comprehensive Benefits: Health insurance and flexible working options.
- Growth Opportunities: Career progression within Tookitaki’s rapidly expanding Services Delivery team.
