Summary :
The role covers running and transforming company’s cloud environments across AWS, Azure, GCP, and OCI. This includes provisioning, access management, logging, and day-to-day operational governance. Security Posture Maturity - A key driver for the project is to strengthen security posture across all cloud platforms : Continuous monitoring of environments.
Responsibilities :
- Identifying and prioritizing vulnerabilities (CVEs, IAM gaps, compliance drift).
- Enforcing standardized configurations and policies (, Golden Images)
- Vulnerability & Risk Management Proactive patching and remediation of vulnerabilities.
- Investigating incidents, performing root cause analysis, and preventing recurrence.
- Regular reporting on security status, metrics, and mitigation progress to leadership
- Compliance & Governance Reduce non-Golden Image compliance issues across environments.
- Implement IAM, org policies, and service controls to meet governance standards.
- Work with GovCloud setups where federal-level compliance is required
- Automation & Efficiency Build and deploy automated security controls using IaC, Python, and Bash.
- Integrate with cloud-native tools (AWS Security Hub, GCP Security Command Center, Azure Security Center).
- Streamline vulnerability scanning and penetration testing processes Contractor
- Cross-Functional Collaboration Partner with security teams to design and implement new security control services. Collaborate with leadership to deliver reporting and compliance insights.
- Ensure best practices are enforced across all deployed cloud services Contractor
Team Technical Stack :
Clouds : AWS, Azure, GCP, OCI.Security Tools : AWS Security Hub, Azure Security Center, GCP Security Command Center.IAM / Governance : Azure AAD, IAM modeling, PIM, SCPs, Org Policies, VPC Service Controls.Automation : Infrastructure as Code (IaC), Python, Bash.Other : Vulnerability scanning, penetration testing Contractor - CMust have skills :
Multi-cloud expertise (AWS, Azure, GCP, OCI).Cloud IAM & governance (AAD, Org policies, service controls).Vulnerability management (CVEs, patching, compliance).Hands-on with native cloud security tools.Strong automation skills (IaC, Python, Bash) Contractor - Cloud EnginSoft skills required :
Collaboration (works with cross-functional teams).Proactive mindset (identifying and mitigating risks before escalation).Problem-solving & analytical thinking (root cause investigations, incident response).Clear communication (reporting vulnerabilities and security posture to leadership)AditiIndia