Job Responsibilities
- Design, implement, and maintain secure, scalable, and compliant cloud environments across AWS, Azure, and/or GCP.
- Develop, implement, and maintain cloud security policies, standards, and best practices in line with organisational and regulatory requirements.
- Implement automation and Infrastructure as Code (IaC) to embed security controls and improve deployment efficiency and compliance.
- Configure and manage identity, access, and encryption controls to protect cloud workloads and sensitive data.
- Monitor cloud environments for security threats using cloud-native and third-party security tools, and support incident response and root cause analysis.
- Collaborate with architecture, development, and DevOps teams to integrate security into CI/CD pipelines and throughout the application lifecycle.
- Perform security assessments, vulnerability scans, and risk analysis for cloud workloads and services.
- Maintain documentation related to security architecture, incident response procedures, and compliance reporting.
- Stay updated on emerging cloud security threats and best practices, and recommend improvements to enhance security posture and resilience.
Essential (Must-Have) Skills & Experience
The following skills are required to perform the role effectively:
- Hands-on experience with at least one major cloud platform (AWS, Azure, or GCP), including secure configuration and administration of compute, storage, and networking services.
- Experience implementing security controls and automation using Infrastructure as Code (IaC) tools such as Terraform.
- Working knowledge of cloud security fundamentals, including identity and access management (IAM), encryption, network security (e.g. VPCs, subnets, VPNs), and monitoring or security services.
Preferred Skills & Experience (Good to Have)
The following are advantageous but not mandatory:
- Experience with container platforms and security practices, including Kubernetes security hardening.
- Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.
- Familiarity with cloud security benchmarks and compliance frameworks (e.g. CIS).
- Exposure to cloud-native threat detection and incident response solutions.
- Experience in vulnerability management and remediation in cloud environments.
- Basic scripting skills (e.g. Python, Bash, or PowerShell) for security automation.
- Experience with disaster recovery planning and secure backup strategies.
- Ability to work effectively in cross-functional teams and troubleshoot complex technical issues.
Please refer to U3's Privacy Notice for Job Applicants/Seekers at https://u3infotech.com/privacy-notice-job-applicants/. When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.
