Security Compliance & Operations Specialist

As a Cloud Security & Compliance Specialist, you will be responsible for managing and enhancing the security posture of our AWS-hosted infrastructure and services. You will lead key security compliance initiatives (e.g., ISO 27001, PCI DSS), guide secure DevOps practices, and oversee the implementation of security tools and controls across the cloud environment.

• Lead the PCI DSS and ISO-27001 certifications activities including Internal Audit assessments, evidence collections, External audits etc.
• Work closely with CISO function for risk assessment, security due diligence (Internal & RFI’s from clients), security incident analysis and forensic investigations etc.
• Design, implement, and manage existing and new cloud security technologies (Cloud Workload Protection / Cloud Security Posture Management / WAF)
• Remediate infrastructure vulnerabilities using appropriate tools and vulnerability management workflows.
• Maintain security posture and limit risk exposure by adopting cloud native/third party cloud security solutions (such as CrowdStrike, Alertlogic).
• Manage Data Protection & Endpoint Security, including Antivirus, DLP, Secure Web Gateway, and Proxy systems.
• Perform cloud security assessments of current AWS infrastructure and application environments.
• Work closely with DevOps and ProdOps teams to build secure architectures for monolithic and microservices-based applications.
• Support daily cloud infrastructure operations and monitor security events with ProdOps.
• Stay updated with emerging threats, technologies, and industry best practices; contribute to cloud security strategy evolution.

• Bachelor of Engineering (BE/B.Tech)
• 2–4+ years of hands-on experience in cloud security, solution design, and risk-based security implementation.
• Experience in configuring and managing security controls in AWS environments.
• Familiarity with a wide range of security technologies, including:

a. SIEM / MDR

b. Network Security & Firewalls

c. IDS/IPS, DDoS Protection

d. Patch Management, Web Proxy, Application Security

e. DLP, IAM, Endpoint Security

• Strong knowledge of AWS security services such as WAF.
• Working understanding of security frameworks and compliance standards including GDPR, ISO 27001, ISO 27017, and PCI DSS.
• Proficient in documenting security policies, procedures, and controls across the organization.
• Detailed knowledge of risk-based cloud security controls and remediation strategies.

We are an international team, with members located in offices across the world but who share learnings and support and encourage each other, overcoming any challenges that distance and even different time zones may throw up.

Our goodies for you:

• Competitive salary dependent on experience
• Internal incentive program
• Anniversary bonus
• Annual Team Outing and regular Team events