Sr. Cloud Security Engineer Butterfly Groups

  • company name Butterfly Groups
  • working location Office Location
  • job type Full Time

Experience: 3 - 3 years required

Pay:

Salary Information not included

Type: Full Time

Location: Kerala

Skills: Information security, Penetration Testing, security monitoring, Change Management, it risk management, Information Security Standards, Security Controls, Configuration management, Vulnerability Management, Firewalls, Analytical skills, Agile methodology, ITIL, Monitoring, metrics, Azure Cloud Security, Security assessments, vulnerability assessments, Security Tools Management, Key Risk Indicators Monitoring, Incident Response, Cybersecurity threats analysis, Vendor Due Diligence Reviews, Technology Risk Management, IAM Control Standards, Access Reviews, Application Architectures Security, automated workflows, Security Culture Building, Regulatory Compliance Standards, Enterprise Security Tools Management, System Development Life Cycle SDLC, Public Cloud Security, Web Application Firewalls WAFs, Web Gateways, Intrusion Prevention Systems IPS, Problemsolving

About Butterfly Groups

Job Description

Job Role: Senior Cloud Security Engineer Experience: 5 to 9 years in Information Security 2 years in Azure Cloud Security Work Location: Trivandrum (Hybrid) Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions. Monitor and analyze security alerts, events, and incidents to promptly detect and respond to threats. Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps. Seen as the cloud-security and cloud-compliance SME by the teams you support. Participate in incident response activities, including containment, investigation, and recovery, in the event of a security incident. Stay updated with cybersecurity threats, vulnerabilities, and industry best practices to ensure the organization remains secure. Ability to provide security guidance for physical, virtual, and code infrastructure. Provide vendor due diligence reviews, including SOC2 and vendor risk assessments. Drive change to improve the overall security posture. Ensure the protection of Organization information assets through the technical enforcement of organizational security standards and policies. Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed, including recommendations for resolution and identifying the root cause. Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security. Collaborate with team members and stakeholders on firm-mandated audits and take responsibility in performing the required reviews associated with the audit. Review IAM control standards, objectives in regular basis and perform access reviews associated with it Be the trusted advisor to ensure security of designs and blueprints for application architectures and cloud platforms. Design and maintain automated workflows to streamline security operations. Establish solid relationships with other teams and provide advisement as needed. Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams. Expert understanding of common information security standards and best practices. Experience in Security and regulatory compliance standards and frameworks Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation. Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU. Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight. Azure Cloud security experience (Preferred 2 years). Minimum 3 to 4 years of experience in cloud security Hands on experience securing public cloud workloads in a hybrid, corporate environment. Security, risk, and compliance experience with Cloud Platforms. Knowledge of security controls, configuration management, and vulnerability management in public cloud. Solid understanding of firewalls, WAFs, Web Gateways, and IPS Excellent problem-solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions. Practical understanding with Agile, ITIL, monitoring, and metrics Job Types: Full-time, Permanent, Fresher Schedule: Day shift Application Question(s): Do you have experience in Configuring, deploying, and managing enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation Do you have solid understanding of SDLC How many years of experience do you have in Azure Cloud Security and as Azure Cloud Developer Work Location: In person,