Cloud security

Posted: Sept. 8, 2021, 11:40 a.m. - Full Time - Hyderabad

Location: India (preferably Hyderabad)

No. of open positions: 2

Epam Systems is looking for people with 6-12 years of experience in information Security majorly in Cloud Security domain.

Major accountabilities:

  • Cloud Governance - Assist in designing and implementing policies, guardrails which are required to make the cloud environment complaint as per the Novartis control framework. This included alignment with various teams internally to understand the requirement and then the actual implementation. Open vulnerabilities are tracked and remediations are performed after having co-ordination with respective stakeholders.
  • Security Incident/Alert management – Manage cloud security operations incidents/alerts and ensuring timely response for incidents reported. This includes supporting cloud security operation in reviewing the alerts/incidents and driving towards remediation.
  • Maintaining Compliance: Assist team in making sure that cloud resources are provisioned and running as Novartis security standards. When required suggest actions (Preventive/Reactive) Controls which can be implemented to make environment secure.
  • Managing metrics/reports: When required assist cloud security operations in creation of the security dashboard and reports.

Required Skills:

  • Sound knowledge on cybersecurity concepts in desired.
  • A good understanding of Cloud infrastructure/Cloud Security/Compliance would be desired.
  • Experience in cybersecurity/security operations center.
  • Experience in public cloud infrastructure management.
  • Experience in incident management/Vulnerability management.
  • Proven track record working with multinational teams.
  • Good presentation and communication skills (written & spoken).
  • AWS Cloud Security certification, AZ-500 (Azure Security engineer) or CCSK, CCSP.
  • Knowledge of various compliance standards/frameworks like PCI-DSS, ISO 27001, NIST 800-37 Would be plus.
  • English level B2.

Understanding of both AWS and Azure would be plus but at least good security knowledge on one Public cloud platform would be essential.