Scybers
Website:
scybers.com
Job details:
Required Qualifications:Technical Depth:
- 7-10 years in Cloud Security Architecture with hands-on design experience
- Deep cloud platform expertise: AWS: IAM, KMS, VPC, GuardDuty, SecurityHub, CloudTrail, Config, RDS/EC2/S3 security
- Azure: RBAC, Key Vault, NSG, Azure Defender, Sentinel, SQL Database security
- GCP: IAM, KMS, VPC, Cloud Armor, Security Command Center, Cloud SQL
- Multi-cloud architecture: Designing systems across 2+ cloud providers
- Identity & Access Management: IAM policies, workload identity, federation, zero trust
- Network security: VPCs, firewalls, WAF, DDoS, segmentation, encryption in transit
- Data security: Encryption at rest/in transit, database security, key management
- Container & Kubernetes security: ECR/ACR/GCR, pod security, admission controllers
- Threat detection & response: SIEM, cloud-native detection (GuardDuty, Defender, Cloud Armor), incident response
- Compliance automation: Policy-as-code, automated remediation, compliance reporting
- Scripting/automation: Python, Go, Bash/PowerShell for cloud automation
- Infrastructure as Code: Terraform, CloudFormation, ARM Templates, Pulumi
Leadership & Architecture Skills:
- Enterprise architecture thinking: Design decisions with trade-offs, scalability, resilience
- Risk assessment & mitigation: Threat modeling, attack surface analysis, risk quantification
- Stakeholder communication: Translate security to business impact, executive reporting
- Standards & controls development: Design security baselines, policies, enforcement mechanisms
- Technology selection: Evaluate cloud services, security tools, third-party integrations
- Cost-aware security: Balance security posture with cloud spending
Security Domain Knowledge:
- Compliance frameworks: PCI-DSS, HIPAA, GDPR, SOC 2, ISO 27001, NIST CSF
- Application security: OWASP Top 10, threat modeling, API security, dependency risks
- Zero Trust principles: Assume breach, continuous verification, least privilege
- Supply chain security: SBOM, signing/attestation, software integrity
- Cloud security patterns: Multi-tenancy, serverless, containers, microservices
- Regulatory context: Understands how compliance requirements translate to architecture
Preferred Experience / Certifications:- Advanced cloud certifications: AWS: Solutions Architect Professional, Security - Specialty
- Azure: Azure Security Engineer Expert, Solutions Architect Expert
- GCP: Professional Cloud Security Engineer, Professional Cloud Architect
- CISSP or equivalent security architecture certification
- Experience with FinTech, Digital Banking, or regulated industries
- FinOps (Financial Operations) background—security + cost optimization
- Incident response leadership in cloud environments
- Threat hunting and advanced analytics experience
- API security, serverless security, or microservices security depth
- Container orchestration platform design (EKS, AKS, GKE)
- Building cloud security reference architectures & frameworks
Location & Work Setup:📍 Based in Chennai with the flexibility to work with global clients
🌍 Remote-first engagement model for customer interactions across time zones
🤝 Collaborative team environment with security engineering peers
Key Responsibilities Summary:A) Cloud Security Architecture Design
- Design multi-cloud security foundations across AWS, Azure, GCP
- Create security reference architectures for different use cases (FinTech, SaaS, AI/ML)
- Design zero-trust architectures with continuous verification
- Define IAM strategies, network segmentation, data protection strategies
B) Threat Modeling & Risk Assessment
- Conduct threat modeling sessions for cloud applications
- Assess cloud architecture against attack vectors and compliance requirements
- Quantify cloud security risks and recommend mitigations
- Design resilience patterns and disaster recovery strategies
C) Compliance & Governance
- Map compliance requirements (PCI-DSS, HIPAA, GDPR, SOC 2) to cloud architecture
- Design policy-as-code implementations for cloud governance
- Create compliance reporting frameworks and evidence collection
- Establish exception governance and audit-ready processes
D) Cloud-Native Security
- Design container, Kubernetes, and serverless security patterns
- Implement supply chain integrity controls across cloud deployments
- Design secrets management and workload identity strategies
- Architect API security and rate limiting at scale
E) Incident Response & Threat Detection
- Design cloud-native threat detection and incident response
- Architect SIEM integration with cloud platforms (GuardDuty, Defender, Cloud Armor)
- Create incident response playbooks for cloud breaches
- Design forensics and evidence collection frameworks
F) Technology Evaluation & Integration
- Evaluate and recommend cloud security tools and services
- Architect third-party security integrations (identity providers, SIEM, DLP, etc.)
- Design cost-effective security tool strategies
- Lead proof-of-concepts and pilots
G) Standards & Controls Development
- Create security baselines and hardening guides for cloud platforms
- Develop security standards, policies, and procedures
- Design control frameworks and monitoring
- Establish security runbooks and playbooks
Click on Apply to know more.