Engineering Manager - Cloud Security (DevSecOps)

Bengaluru full-time

Job description

The Engineering Manager - Cloud Security (DevSecOps) at Zeta is responsible for securing and automating the cloud environment, setting processes, creating CI/CD roadmaps, hardening infrastructure against threats, and improving the cloud and Kubernetes security posture. They require a solid understanding of public cloud technologies, experience with CI/CD pipelines, containerization, Kubernetes, scripting, vulnerability assessments, penetration testing, compliance, and various security tools.

Responsibility

  • Implement cloud security initiatives for the entire organization
  • Improve Cloud security posture and Kubernetes security using CI/CD
  • Understand by regular gap assessment
  • Provide support in detection and mitigation of cybersecurity vulnerability and incidents for Cloud
  • Prepare and present reports of Vulnerability Assessment, Automation, Penetration Testing etc.
  • Oversee the planning and coordination of Cloud security
  • Deploy, Maintain and Support Log Aggregation, Vulnerability, and Threat Detection Solutions with associated visualizations
  • Hiring decisions, hiring process definition, and continuous improvements
  • Perform review and validation of all deliverables for Cloud Security
  • Educate DevOps, Devs, and Security Team on best practices
  • Continuous improvement of Cloud Security posture
  • Integrating various tools into CI/ CD and automating repetitive tasks
  • Ensure the environment is compliant with CIS, NIST, PCI etc.
  • Ensure that Security Standards are adopted by the Product Team covering both Cloud, On-Prem, SaaS, PaaS, and IaaS.

Qualifications

  • Solid understanding of public cloud technologies and hands-on technical knowledge of at least one major public cloud like AWS, Azure, etc.
  • Experience of CI/CD Pipeline implementation and at least one tool (Jenkins, ArgoCD, Bitbucket Pipelines etc)
  • Experience in at least one scripting language (Bash, Python, Java etc)
  • Experience with containerization and Kubernetes
  • Experience of automating and templating security processes and documentation for compliance purposes
  • Hands-on experience of vulnerability assessments, Penetration Testing, Web Application Security, data privacy, identity access management etc
  • Experience of at least 2 active and passive security tooling (OWASP ZAP, Veracode, Checkmarx, Fiddler etc)
  • Experience on Infrastructure as Code solution (Terraform, Ansible, Chef etc)
  • Experience with security tools like Prisma, Aqua, Clair, Hashicorp Vault, etc.
  • Conduct Architecture and Design review to provide guidance and security assurance around best practices and frameworks
  • Knowledge of development practices using Java and Nodejs, Docker, Kubernetes and other container orchestration services
  • Experience with Secure Code Quality Tools, Testing and Techniques - ZAP, Wireshark, Sonarqube, Metasploit etc
  • Understanding of security frameworks, controls, and processes - CIS, NIST, PCI/DSS. SOCI/II, etc
  • Experience in one or more languages - NodeJS, GoLang, Python, Perl, Ruby, Bash, Javascript, Java etc.

Job Summary

Sign in to Apply

Last Seen: 2024-10-16

Job Type: full-time

Location: Bengaluru

First Seen: 2023-12-06

Company Summary

Zeta is a financial technology company offering a suite of products focused on credit processing, banking solutions, and enterprise payments. Their innovative platform integrates technology and marketing services, helping businesses engage with customers. Founded by Bhavin Turakhia and Ramki Gaddipati, Zeta has become a significant fintech player globally.