Senior Cloud Security Specialist

Tally Solutions Pvt. Ltd.
  • Bangalore
  • Confidential
  • 10-12 years
  • Views
  • 24 Jul 2019

  • IT/ Information Technology

  • Consumer Durables/ Semi Durables
Job Description

Role : Senior Cloud Security Specialist​

Function : Cloud Operations​

Experience : 10-12 yrs

What will you be doing?​

As a Senior Cloud Security Specialist, you will be a strategic contributor in information security, problem solving and relationship management to lead internal programs aimed at: achieving certification and attestation of multi-cloud platforms against Tally's security policies, industry standards and regulations, and government regulations, identifying and mitigating security risks in our cloud deployments; ensuring security alignment to corporate policies; and balancing security requirements with the dynamic needs of our users and the values of our company

- Conduct Vulnerability Assessments & penetration testing of Tally's Cloud Infrastructure using various tools and methodologies

- Research and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding, network security, and encryption

- Analyze scan reports and suggest remediation / mitigation plan

- Review software posture and work with operations to plan code version upgrade requirements of supported security and network devices

- Become proficient with corporate and industry security requirements/best practices; stay current on cloud security policies, standards, regulations making recommendations for the company

- Work closely and collaboratively with Information Security Officers, IT Departments, and Business units to support their needs

- Act as an advocate of information security policies, standards, controls and as an enabler to the business while managing risk appropriately

- Drive mitigation of reported risks from continuous monitoring solutions

- Gain deep security-level knowledge of cloud environments, continuous monitoring solutions to understand and provide direct guidance for security remediation activities.

- Partner with enterprise teams to establish preventative controls to support security needs via

- Act as a focal point in the implementation & delivery of a formalized information security awareness offerings

- Maintain strong awareness of cloud security incidents in the external community to identify threats and opportunities for enhancement. Apply those learnings to Cloud Security Operations program and associated solutions.

- Lead evaluation, recommendation, implementation and support third party cloud security ecosystem tools as necessary

- Analyze and recommend cloud cost savings to reduce overall spend; Support annual renewal and budgeting needs

- Provide technical mentoring and knowledge transfer to members of the team

Required Candidate profile

Who are we looking for?

- Bachelor's degree in Information Technology and or Security

- 3 or more years of experience with AWS/Public Cloud (AWS Solution Architect Certification a big plus), with 8 or more years of experience in Security, Compliance and risk management, including privacy, controls, etc

- Knowledge of one or more audit frame works (ISO27K, PCI-DSS, GDPR, HIPAA)

- Network Security (multi-vendor) experience

- Broad background of networks, operating systems (Windows, Linux), firewalls and security engineering & compliance concepts

- Knowledge of scripting languages (Python / Shell / Go) will be added advantage

- One of more of the following certifications: Google Cloud Certified (GCP) Associate Cloud Engineer (ACE), Oracle Cloud Infrastructure (OCI) Certified Architect Associate (CAA), AWS Certified Solutions Architect - professional, AWS Certified Security - Specialty, CSA Certificate of Cloud Security Knowledge (CCSK), ISC2 Certified Cloud Security Professional (CCSP).

- Demonstrated knowledge of multi-cloud platforms (AWS, GCP, Azure,, etc.) to be able to identify and prioritize potential security challenges

- Demonstrated experience of Infrastructure as a Service (IaaS) cloud platforms, such as: IAM, compute (i.e. EC2, GCE), storage (volume/object), networking (VPC, VCN, Load Balancers, Security Groups/List, NACLs), serverless (i.e. Lambda) etc.

- Technical skills to identify and assess cloud security vulnerabilities and risks

- Expertise in researching & evaluating identified vulnerabilities and risks posed to the organization's information and systems

- Ability to clearly communicate technical concepts to all audiences

- Performance oriented, self-directed ability to drive change & manage multiple projects

- Produce and communicate appropriate reporting & metrics to stakeholders

- Demonstrated experience in administration/management of continuous monitoring solutions

- Account Management: adding/removing cloud accounts

- Expertise with Jenkins, JIRA, Confluence a plus

- Understanding of containerization (Docker, Kubernetes, Elastic Container Service) and best practices to secure registries, images, workloads, etc. a plus.

Job Posted By

About Organisation

Tally Solutions Pvt. Ltd.