Cloud Security Operations Engineer
Noida (Gautam Buddh Nagar) Bachelor's Degree Design / Civil engineering / Industrial engineering
Job description
Summary:
The Cloud Security Engineer – Security Operations Center (SOC) is responsible for prevention of Cyber Security Incidents by real time monitoring, detection and analysis of potential intrusions in cloud environment. This includes using troubleshooting tools to analyze and respond to cyber threats, writing scripts to aid in quick analysis and response, and responding to security events. The position operates and tunes security supporting tools, provides requirements for new security tools and creates use cases for monitoring. In addition, the position creates and follows up on incident reports, creates daily, weekly and monthly reporting metrics and manages vendor relationships as needed.
Essential Duties & Responsibilities include, but are not limited to the following :
· Work with developers and engineers designing tools that enable them to use cloud platforms in a secure manner
· Build reusable templates that incorporate security into common application and infrastructure design patterns
· Develop monitoring, alerting, and remediation to ensure the security of work on cloud platforms
· Build security controls and gates into the software development lifecycle
· Cyber Security Operations (monitoring, detection, incident response, forensics)
· Be available on an on-call basis to respond to pending issues or problems arising during non-business hours and provide support and response.
Desired profile
Qualifications :
Qualification Requirements:
Education:
Bachelor's degree or higher in CS, EE, or related field, or equivalent work experience.
One or more of the following certifications: CompTIA Security +, CPTE - Certified Penetration Testing Engineer or CEH - Certified Ethical Hacker, GCIH - (GIAC Certified Incident Handler) or ECIH - (EC-Council Certified Incident Handler)
Experience:
2 to 4 years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
Technical Skills/Experience:
· Designing or managing AWS cloud infrastructure.
· Container technologies (e.g., Docker).
· A strong understanding of IAM, role based access controls, network security, and means of isolating environments within cloud infrastructure is required. Experience with web service operations and delivery.
· Experience implementing certificate and key management systems to enable encryption on cloud platforms is also required. An understanding of security and authentication protocols is also desired including TLS, SSH, OAuth, SAML, Kerberos
· Familiarity with various network controls including proxies and reverse proxies, network and application load balancers, stateful and deep packet inspection
· Understanding how to design environments to protect against malicious accidental threats, such as data leakage and denial of service.
· Application and script development with Perl, Java, .NET, Python, Ruby, Bash, or PowerShell.
· Capable of developing secure cloud based infrastructure as code.
· Knowledge of Linux and Windows administration and OS hardening
· Experience with log management, monitoring and SIEM tools, including cloud native tools, is strongly desired. The ideal candidate should be able to aggregate, correlate, and report on logs and metrics, use them for detecting anomalous or risky behavior, and triggering automated actions or alerts. Splunk experience is a plus.
· Familiarity with common exploits, such as XSS, SQL Injection, DOS, man-in-the-middle, and buffer overflows, as well as how to detect them and protect against them, is a strong plus.
· Experience managing data, including its integrity and security throughout the development lifecycle, especially as part of a large scale data analytics workflows is a plus
· Knowledge if IDS/IPS technologies
· Previous DevOps experience is highly desirable