EXP: 10-15 years.
Location: BLR
Cybersecurity Lead - Public Cloud OSM
- Validate the security exceptions and access requests raised by the cloud and DevOps teams
for the applications/infrastructure hosted on the cloud within the scope.
- Review, escalate and track the status of the critical security advisories and bulletins shared by
the CSP impacting the native services consumed by SOCGEN on the cloud.
- Work with vulnerability management, SOC and security delivery teams in enhancing the
detection and response coverage of the applications/infrastructure hosted on the cloud.
- Participate in the regular governance calls with cloud teams and CSP to enhance or improve
the security posture on the cloud within the scope.
- Support the risk assessments and security evaluations of the applications/infrastructure
hosted/provisioned on the cloud in line with the SG’s framework/standards/guidelines.
- Review and follow up on the remediation status of escalated cloud-native services
non-compliance alerts within the scope, using the CNAPP with the cloud teams.
- Update and maintain process documentation, and security reporting dashboards (KPIs, KRAs)
for the services on the cloud.
- Contribute to security audit support with artifacts (internal audit / regulators) within the scope of
the applications/infrastructure hosted on the cloud.
- Review and follow-up on the recommendation to address the gap findings based on the
security assessments and audit reports available from CSPs within the scope on the cloud.
- Maintain, update, and regularly review the major incident response plan with the CSPs and
internal stakeholders.
- Participate in the cyber tabletop exercise to identify the gaps and recommendations, and
follow up with cloud teams to closure, thereby enhancing detection and response capabilities of
the application/infrastructure on the cloud.
- Conduct periodic conditional access review ensuring the least privilege access is maintained
through identity lifecycle management.
Responsibilities
- Validate security exceptions and access requests raised by Cloud and DevOps teams
for applications and infrastructure hosted on the cloud within the defined scope.
- Review, escalate, and track the status of critical security advisories and bulletins
issued by Cloud Service Providers (CSPs) that impact native cloud services
consumed by the organization.
- Collaborate with Vulnerability Management, SOC, and Security Delivery teams to
enhance detection and response coverage for cloud-hosted applications and
infrastructure.
- Participate in regular governance meetings with cloud teams and CSPs to improve the
security posture of cloud services in scope.
- Support risk assessments and security evaluations of cloud-hosted or provisioned
applications and infrastructure, ensuring alignment with corporate security
frameworks, standards, and guidelines.
- Review and follow up on remediation of non-compliance alerts for cloud-native
services using CNAPP tools in collaboration with cloud teams.
- Maintain and update process documentation and security reporting dashboards,
including KPIs and KRAs for cloud security services.
- Contribute to internal and external audit activities by providing required artifacts
related to cloud-hosted applications and infrastructure.
- Track and follow up on CSP-provided security assessment findings and audit
recommendations to ensure timely remediation.
- Maintain, update, and periodically review cloud major incident response plans with
CSPs and internal stakeholders.
- Participate in cyber tabletop exercises and follow up on recommendations to enhance
detection and incident response capabilities for cloud applications and infrastructure.
- Conduct periodic conditional access reviews to ensure least-privilege access is
maintained through effective identity lifecycle management.
Profile Required
- 10+ years of experience in Cloud Security, Threat Modeling, Cloud Risk
Assessments, Vulnerability Management, AWS, Azure, SOC, or related fields.
- 5+ years of hands-on experience in public cloud security operations in Microsoft
Azure or AWS.
- Strong understanding of cloud-native security services across Azure or AWS.
- Good understanding of infrastructure and application security architecture,
compliance frameworks, and risk management principles.
- Excellent analytical, problem-solving, communication, and stakeholder-engagement
skills.
- Solid knowledge of cloud security frameworks, tools, and technologies, such as CIS,
OWASP, CNAPP, SOC, DevSecOps, DAST/SAST, NIST, CCM.
Preferred Certifications
- Required / Strongly Recommended:
- Required / Strongly Recommended:
- SC-900
- AZ-500
- AWS Security Specialty
- CEH
Profile Required:
- 10+ years of experience in operational security and risk management, or related fields
- 5+ years of experience in public cloud security operations in Azure (Preferred) and AWS
- Strong understanding of cloud native security services on Azure and AWS
- Strong understanding of infrastructure & application security architecture, compliance
frameworks, and risk management principles
- Experience with infrastructure & application security assessments, risk assessments, and
security controls implementation
- Excellent analytical, problem-solving, and communication skills
- Familiarity with cloud security frameworks, tools, and technologies (e.g., CIS, OWASP,
CNAPP, SOC, Infrastructure security, IAM, DevSecOps, DAST/SAST, NIST, CCM)
- Education Qualification and Certifications:
  - SC-100, CCSK, CEH or CPENT are mandatory
  - CCSP or CISSP (optional)
  - Bachelor's or master's in computer science/information technology/information
    security (Mandatory)
PFB questions as discussed:
- How many years of experience in Cloud Security, Risk Assessment?
- Check experience in reviewing and approving access requests, security exceptions,
and IAM policies
- Experience and hands-on in:
1. SOC (or working with SOC teams)
2. DevSecOps (or working with DSO teams)
- Have you led Risk Assessment and compliance validation activities?
- What compliance frameworks are you familiar with? NIST, CIS, OWASP, CCM
- Are you hands-on with CNAPP tools? When was the last time you used them? Tools
like Prisma Cloud, SentinelOne, Sysdig Secure, etc.
- Have you participated in or led governance forums, audits, etc.?
- Have you mentored team members?
- What is your experience with application security? How many years? Self rating?
- Do you monitor cloud service provider advisories (AWS, Azure, GCP)?