Talent.com
L3 Security Specialist - Cloud Security & DevOps

L3 Security Specialist - Cloud Security & DevOps

ConfidentialChennai, India
1 day ago
Job description

Experience Required

8-12 years in Information Security with minimum 5 years in cloud security and SIEM operations

Cloud Security Management

  • Design, implement, and maintain security architectures across Azure and AWS multi-cloud environments
  • Lead security assessments, vulnerability management, and penetration testing initiatives
  • Architect and enforce security policies, standards, and best practices for cloud infrastructure
  • Manage identity and access management (IAM) policies, roles, and permissions across both platforms
  • Implement and maintain security monitoring, logging, and SIEM solutions
  • Lead incident response activities and conduct root cause analysis for security events

SIEM Operations & Security Monitoring

  • Design, deploy, and manage enterprise SIEM platforms (Splunk, Azure Sentinel, IBM QRadar, LogRhythm)
  • Develop and optimize correlation rules, alerts, and detection use cases
  • Create custom parsers and data connectors for log ingestion from multiple sources
  • Implement advanced threat hunting and analytics using SPL, KQL, or similar query languages
  • Manage log retention, archival, and compliance requirements
  • Integrate SIEM with SOAR platforms for automated incident response
  • Tune alert thresholds to minimize false positives while maintaining detection effectiveness
  • Generate security metrics, dashboards, and executive-level reports
  • Conduct regular health checks and performance optimization of SIEM infrastructure

    • Major Security Areas

    1. Identity & Access Management (IAM)

  • Implement least privilege access and role-based access control (RBAC)
  • Manage Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM)
  • Configure Azure AD, AWS IAM, Okta, and other identity providers
  • Implement Just-In-Time (JIT) access and Privileged Identity Management (PIM)
  • Conduct access reviews and entitlement management

    • 2. Data Security & Encryption

  • Implement data classification and Data Loss Prevention (DLP) solutions
  • Manage encryption at rest and in transit across all platforms
  • Configure key management systems (KMS) and Hardware Security Modules (HSM)
  • Implement database security controls and monitoring
  • Design data masking and tokenization strategies

    • 3. Endpoint Security

  • Deploy and manage EDR / XDR solutions (CrowdStrike, Microsoft Defender, Carbon Black)
  • Implement anti-malware, host-based firewalls, and security agents
  • Manage mobile device management (MDM) and endpoint compliance
  • Configure application whitelisting and device control policies

    • 4. Vulnerability Management

  • Lead enterprise vulnerability assessment programs
  • Manage scanning tools (Qualys, Nessus, Rapid7, Tenable)
  • Prioritize vulnerabilities using CVSS scoring and business context
  • Track remediation efforts and report on security posture
  • Conduct regular penetration testing and red team exercises

    • 5. Threat Intelligence & Hunting

  • Leverage threat intelligence feeds and platforms (MISP, ThreatConnect, Recorded Future)
  • Conduct proactive threat hunting using MITRE ATT&CK framework
  • Analyze indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs)
  • Develop custom threat detection rules and signatures
  • Participate in threat intelligence sharing communities

    • 6. Incident Response & Forensics

  • Lead security incident response following NIST guidelines
  • Conduct digital forensics and malware analysis
  • Manage security operations center (SOC) escalations
  • Develop and maintain incident response playbooks
  • Coordinate with external stakeholders during breaches

    • 7. Cloud Security Posture Management (CSPM)

  • Implement CSPM tools (Prisma Cloud, CloudGuard, Azure Security Center)
  • Continuously monitor cloud configurations for security risks
  • Remediate misconfigurations and security drift
  • Enforce cloud security baselines and CIS benchmarks

    • 8. Compliance & Risk Management

  • Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, NIST, FedRAMP
  • Conduct security audits and prepare compliance reports
  • Perform risk assessments and develop risk mitigation strategies
  • Manage security governance frameworks
  • Develop and maintain security documentation, runbooks, and procedures

    • Requirements

    Required Skills & Expertise

    Cloud Platforms

  • Azure : Azure Security Center, Microsoft Defender for Cloud, Azure Sentinel, Azure AD, Azure Policy, Azure Firewall, Application Gateway, NSGs, Azure Monitor, Azure Key Vault, Microsoft Defender for Identity
  • AWS : AWS Security Hub, GuardDuty, AWS IAM, Security Groups, AWS WAF, CloudTrail, Config, Inspector, Macie, KMS, CloudWatch, Systems Manager, AWS Shield

    • SIEM & Security Monitoring

  • SIEM Platforms : Expert-level proficiency in Splunk Enterprise Security, Azure Sentinel (Microsoft Sentinel), IBM QRadar, LogRhythm, Elastic SIEM
  • Query Languages : SPL (Splunk), KQL (Kusto Query Language), SQL for security analytics
  • Log Management : Log aggregation, parsing, normalization from diverse sources (Windows, Linux, cloud, network devices, applications)
  • Correlation & Analytics : Creating correlation searches, threat detection rules, behavioral analytics
  • SOAR Integration : Integration with Security Orchestration and Automated Response platforms (Splunk SOAR, Azure Logic Apps, Palo Alto Cortex XSOAR)
  • Threat Detection : Building use cases for ATT&CK framework, anomaly detection, user behavior analytics (UEBA)

    • Security Tools & Technologies

  • Vulnerability Management : Qualys, Nessus, Rapid7, Tenable, OpenVAS
  • EDR / XDR : CrowdStrike Falcon, Microsoft Defender for Endpoint, Carbon Black, SentinelOne
  • CASB : Microsoft Defender for Cloud Apps, Netskope, Zscaler
  • DLP : Symantec DLP, Microsoft Purview, Forcepoint
  • PAM : CyberArk, BeyondTrust, Thycotic Secret Server
  • API Security : Apigee, Kong, AWS API Gateway security

    • Security Frameworks & Standards

  • NIST Cybersecurity Framework (CSF)
  • NIST SP 800-53, 800-171
  • CIS Benchmarks and Controls
  • OWASP Top 10 & OWASP ASVS
  • MITRE ATT&CK Framework
  • Zero Trust Architecture (NIST SP 800-207)
  • Cloud Security Alliance (CSA) Cloud Controls Matrix
  • ISO 27001 / 27002
  • PCI-DSS, HIPAA, GDPR, SOC 2

    • Highly Preferred certifications :

  • Certified Cloud Security Professional (CCSP)
  • GIAC Security Essentials (GSEC) or GIAC Certified Incident Handler (GCIH)
  • Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP)
  • Certified Kubernetes Security Specialist (CKS)

    • Skills Required

    carbon black , Ibm Qradar, Dlp, Nessus, Sql, logrhythm , crowdstrike , SPL, Owasp, Splunk, Cyberark, Azure, Qualys, Aws

    Create a job alert for this search

    Security Specialist • Chennai, India