Website:
theglove.co.in
Job details:
Cloud & Infrastructure Security Engineer
Location: Hyderabad (Hybrid)
About the Role
We are looking for a Cloud & Infrastructure Security Engineer to strengthen our Information Security function. This role is responsible for securing cloud platforms, on-prem infrastructure, networks, and endpoints by designing secure architectures, implementing security controls, and driving day-to-day detection and incident response.
You will work closely with Cloud/DevOps, IT Operations, Networking, and Application Security teams to ensure our environments are secure-by-design, observable, and resilient.
Key Responsibilities
Security Architecture & Design
· Participate in architecture reviews for new systems and major changes
· Assess designs for security best practices (IAM, network segmentation, logging, encryption, DR, backups)
· Create and maintain cloud and infrastructure security reference architectures
· Perform threat modeling and risk assessments for new initiatives
Cloud Security
· Secure and harden cloud platforms (identity, storage, networking, encryption, key management)
· Configure and operate Cloud Security Posture Management (CSPM) tools
· Manage policy exceptions, risk justifications, dashboards, and reports
· Partner with DevOps teams to ensure IaC templates are secure-by-default
· Support container and cloud-native security
On-Prem, Endpoint & Identity Security
· Operate endpoint and server security platforms, DLP, and device management tools
· Tune detection policies and track coverage and remediation
· Define and maintain system hardening baselines aligned with industry benchmarks
· Support IAM initiatives including SSO, MFA, conditional access, and PAM
Network & Perimeter Security
· Manage firewalls, application-layer protection, VPNs, web proxies, and WAN technologies
· Implement Zero Trust and network segmentation strategies
· Maintain DNS security, email authentication (SPF, DKIM, DMARC), and anti-phishing controls
Detection & Incident Response (SecOps)
· Triage and respond to security alerts across cloud, endpoint, network, and email systems
· Lead initial investigation and containment of infrastructure-related incidents
· Coordinate with application security and other teams for complex incidents
· Maintain incident response runbooks and documentation
Logging, SIEM & Observability
· Ensure critical systems send logs to centralized logging/SIEM platforms
· Define log retention and access controls
· Build dashboards for authentication anomalies, privileged changes, and network threats
· Align security monitoring with reliability and operations teams
Vulnerability & Patch Management
· Conduct vulnerability scans across cloud and on-prem environments
· Prioritize findings and define remediation SLAs
· Track and verify patching and configuration fixes
· Feed learnings into hardened baselines and IaC templates
Requirements
Experience
· Experience in security engineering, cloud security, or infrastructure security
· Hands-on experience with at least one major cloud provider (AWS/Azure/GCP)
· Strong background in network security, endpoint protection, IAM, logging, and monitoring
· Experience with vulnerability scanning and patch management
· Experience working with automation and Infrastructure-as-Code environments
Skills
· Strong understanding of cloud security, IAM, encryption, network security, and endpoint hardening
· Knowledge of SIEM, logging, detection engineering, and monitoring concepts
· Awareness of common cloud and infrastructure attack techniques
· Scripting or automation skills are a plus
· Excellent documentation and communication skills
Education & Certifications
· Bachelor’s degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience)
· Security or cloud certifications are a plus (AWS/Azure/GCP, CISSP, CISM, etc.)
Personal Attributes
· Strong ownership and accountability
· Analytical, structured problem-solving mindset
· Collaborative approach with the ability to balance security and business needs
Click on Apply to know more.