CDTR-Cybersecurity - Cloud Security-Manager-Bangalore

The role combines hands-on delivery with strong collaboration, you will advise engineering teams, support remediation, and help build a security-first culture. 

• Multi-Cloud Strategy: Design and implement scalable, well-architected frameworks across AWS, Azure, and GCP, ensuring cross-cloud consistency and disaster recovery readiness. 

• Architect end-to-end GitHub Enterprise CI/CD pipelines that integrate automated security scanning (GitHub scan tools), dependency checks. 

• Container Orchestration: Manage and optimize large-scale Kubernetes environments (EKS, AKS, GKE), focusing on service mesh implementation, ingress controllers, and cost-efficient scaling. 

• Design scalable security processes and governance for private, hybrid, and multi-cloud environments (AppSec/DevSecOps aligned) 

• Build and implement cloud, container, and application security strategy, including SSDLC practices 

• Identify security vulnerabilities on web applications, infrastructure systems, network equipment, Wi-Fi systems, mobile applications, API, etc. 

• Provision secure landing zones and cloud infrastructure using Terraform/IaC across AWS, Azure, and GCP 

• Embed security scanning into CI/CD (IaC, images, secrets, SAST, DAST, dependency/SCA)  including Pipeline Hardening, Artifact repository ( JFrog,Nexus) and Binary provenance 

• Implement automated governance and policy enforcement (policy-as-code, tagging, preventive guardrails, CI/CD security gates, and CNAPP controls) 

• Implement API security - API gateways security, OAuth and/JWT misconfigurations 

• Conduct cloud security assessments, source code reviews to detect security flaws and propose mitigation/remediation plans 

• Develop proof-of-concept (PoC) exploits for validated vulnerabilities. 

• Harden software supply chain and runtime workloads (signing/integrity, access controls, configuration management, EDR/runtime protection) 

• Enable monitoring and response by integrating logs with SIEM/SOAR and defining detection/remediation workflows 

• Conduct posture assessments and security reviews (config, code, permissions, and logs) and coach teams on remediation 

• Provide guidance/training and support continuous upskilling (cloud security and DevSecOps) 

• Proven experience in DevSecOps and Application Security technologies 

• Experience working with cloud platforms such as AWS/Azure/GCP 

• Strong understanding of secure SDLC, threat modeling, and vulnerability management. 

• Hands-on experience with application security tools in SAST, DAST, SCA, and API security testing Eg: Burp Suite, Metasploit, Nmap, Nessus, Wireshark, Kali Linux, Nikto, Fortify, ZAP, MobSF  

• Proficiency in common programming languages (Git, Java, JavaScript, Python, Rust, Go, C#, etc.) 

• Strong hands-on experience with Terraform and Infrastructure-as-Code practices 

• Experience with CI/CD tools such as Jenkins, GitHub Actions, GitLab CI, or Azure DevOps 

• Good understanding of OWASP Top 10, secure coding practices, and common vulnerabilities 

• Experience with AI tools-Copilots, Agents building use cases as per project requirements 

• Good to have experience with the below tools  
  • CNAPP (Prisma, Wiz, Orca) 
  • SAST (Checkmarx, Fortify, Veracode) 
  • Secrets scanning (TruffleHog, GitGuardian) 

• Strong analytical, problem-solving, and communication skills 

Preferred Qualifications   

• Bachelor’s degree in computer science, Computer/Systems Engineering, or a related field 

• Cloud certifications : 

• Azure (AZ-500, AZ-400, AI-102) 

• AWS- AWS Certified SecurityEngineer/ AWS Certified DevOps Engineer 

•  GCP - Professional Cloud Security Engineer, Professional Cloud DevOps Engineer)