Prodapt
Website:
prodapt.com
Job details:
Overview
Title: Public Cloud Security Expert
Location: [Remote / Onsite - Indore/Bangalore ]
Team: Security Assurance Department
Level: Mid-Senior / Senior
Role Summary
We are seeking a highly skilled
Public Cloud Security Expert to lead the design, implementation, and continuous enhancement of security controls across our multi-cloud environments (AWS, Azure, GCP). This role is ideal for a hands-on cloud security lead who can influence architecture, enforce guardrails and ensure regulatory and risk compliance.
Key Responsibilities:
- Design and enforce security architectures for cloud-native and hybrid workloads.
- Conduct threat modelling, risk assessments & CIS Benchmarking for cloud-native applications and infrastructure
- Implement SIEM, CSPM, CWPP, CNAPP, and Zero Trust frameworks across environments.
- Continuously assess and remediate misconfigurations, overly permissive IAM roles, and vulnerabilities.
- Develop and enforce security policies for identity management, encryption, data protection, and logging
- Drive security automation via IaC (Terraform, CloudFormation), and policy-as-code (OPA, Sentinel).
- Define and manage controls for data encryption, tokenization, key management (KMS/HSM).
- Collaborate with AppSec, DevOps, and GRC to maintain security and compliance (e.g., SOC 2, ISO 27001, PCI-DSS).
- Respond to and investigate cloud-related incidents and participate in forensic analysis.
- Evaluate and integrate third-party security tools (e.g., Prisma Cloud, Wiz, Orca, Lacework, Aqua).
- Create detailed documentation and contribute to cloud security runbooks and playbooks.
Required Skills & Experience:
- 5+(3-4) years in cybersecurity, with 3+ in cloud-native security.
- Deep understanding of AWS, Azure, or Google Cloud services and their shared responsibility models.
- Proficiency in:
- IAM, VPCs, WAFs, EDR/XDR, CSP logs (CloudTrail, GCP Audit Logs)
- CI/CD security, DevSecOps, container security (Docker/Kubernetes, EKS/AKS/GKE)
- Serverless security and workload isolation
Preferred Certifications:
- AWS Certified Security - Specialty
- Google Professional Cloud Security Engineer
- Azure Security Engineer Associate
- HashiCorp Certified: Terraform Associate
- GIAC Cloud Security Essentials (GCLD)
Frameworks & Tools Familiarity:
- NIST CSF / 800-53, MITRE ATT&CK for Cloud, CIS Benchmarks, ISO 27017
- Security tooling: ORCA, Prisma Cloud, Cloud Custodian, Checkov, Open Policy Agent (OPA), KICS, ScoutSuite
- SIEM/Monitoring: Splunk, ELK, Cloud-native monitoring (AWS Security Hub, GCP SCC)
Education Qualification & Soft Skills:
- Graduate or Master Degree from IT related fields like Cyber Security , BSc IT, Computer Science, Cloud Computing, etc is preferred.
- Clear communicator with executive reporting capabilities.
- Able to balance pragmatic business decisions with security enforcement.
Self-driven, collaborative with strong documentation and mentorship skills.
Pen (Penetration) testing , VAPT, Vulnerability assessment, ORCA any one
Responsibilities
- Design and enforce security architectures for cloud-native and hybrid workloads.
- Conduct threat modelling, risk assessments & CIS Benchmarking for cloud-native applications and infrastructure
- Implement SIEM, CSPM, CWPP, CNAPP, and Zero Trust frameworks across environments.
- Continuously assess and remediate misconfigurations, overly permissive IAM roles, and vulnerabilities.
- Develop and enforce security policies for identity management, encryption, data protection, and logging
- Drive security automation via IaC (Terraform, CloudFormation), and policy-as-code (OPA, Sentinel).
- Define and manage controls for data encryption, tokenization, key management (KMS/HSM).
- Collaborate with AppSec, DevOps, and GRC to maintain security and compliance (e.g., SOC 2, ISO 27001, PCI-DSS).
- Respond to and investigate cloud-related incidents and participate in forensic analysis.
- Evaluate and integrate third-party security tools (e.g., Prisma Cloud, Wiz, Orca, Lacework, Aqua).
- Create detailed documentation and contribute to cloud security runbooks and playbooks.
Requirements
- 5+(3-4) years in cybersecurity, with 3+ in cloud-native security.
- Deep understanding of AWS, Azure, or Google Cloud services and their shared responsibility models.
- Proficiency in:
- IAM, VPCs, WAFs, EDR/XDR, CSP logs (CloudTrail, GCP Audit Logs)
- CI/CD security, DevSecOps, container security (Docker/Kubernetes, EKS/AKS/GKE)
- Serverless security and workload isolation
Preferred Certifications:
- AWS Certified Security - Specialty
- Google Professional Cloud Security Engineer
- Azure Security Engineer Associate
- HashiCorp Certified: Terraform Associate
- GIAC Cloud Security Essentials (GCLD)
Frameworks & Tools Familiarity:
- NIST CSF / 800-53, MITRE ATT&CK for Cloud, CIS Benchmarks, ISO 27017
- Security tooling: ORCA, Prisma Cloud, Cloud Custodian, Checkov, Open Policy Agent (OPA), KICS, ScoutSuite
- SIEM/Monitoring: Splunk, ELK, Cloud-native monitoring (AWS Security Hub, GCP SCC)
Education Qualification & Soft Skills:
- Graduate or Master Degree from IT related fields like Cyber Security , BSc IT, Computer Science, Cloud Computing, etc is preferred.
- Clear communicator with executive reporting capabilities.
- Able to balance pragmatic business decisions with security enforcement.
Self-driven, collaborative with strong documentation and mentorship skills.
Pen (Penetration) testing , VAPT, Vulnerability assessment, ORCA any one
Click on Apply to know more.