Cloud Security Specialist

Cloud Security - AD - Mumbai

Description

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada. 

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

Responsibilities

• Design, implement, assess, manage and operate tools / architecture / processes / controls to secure client’s cloud infrastructures and services. 

  • Design cloud security architecture including, but not limited to, secure cloud landing zone, secure cloud infrastructure & services and cloud workloads.

  • Develop and document security policies & procedures as per the requirements.

  • On-boarding cloud accounts to tools such as Wiz, Prisma, etc. Define relevant cloud policies / rules / alerts, perform security remediation as per findings.

  • Responsible for managing CNAPP, CSPM, CWPP, KSPM, CIEM, Code Security, Data Security etc. 

  • Prioritize security findings and provide recommendations to mitigate the security gaps and work with cloud owners to remediate security findings.

  • Develop custom playbooks for threat hunting and auto-remediation.

  • Assist with incident response in the event of security breach.

  • Review of client’s cloud security posture and make recommendations for improvement.

  • Actively contribute to innovation activities which are undertaken in the area of cloud security.

Qualifications

• Hands-on experience with at least one major public cloud platform, such as AWS, Azure, or Google Cloud Platform. Any other public cloud platform along with these will be an additional desirable attribute.

  • Experience in CNAPP solutions (Palo Alto Prisma Cloud, Wiz). Should have setup, deployed and tweaked the product rules and configurations to suit requirements of different organizations.

  • Experience in infrastructure as code (terraform)

  • Experience in scripting languages such as Python, PowerShell etc. Security automation skills/experience will be an additional desirable attribute.

  • Strong understanding of containerization technologies/concepts such as Kubernetes, Docker etc. and related security best practices.

  • Experience in creating and evaluating cloud security architectures by following industry best practices. 

  • Hands-on experience on cloud native security features like Azure Sentinel, Microsoft Defender for cloud, CloudTrail, GuardDuty, Inspector, Security Hub, Command Centre etc.

  • In-depth knowledge of managing common cloud security threats and vulnerabilities.

  • Experience with security compliance standards such as ISO 27001/27002/27017, NIST, CSA CCM etc.

  • Understanding on various government and regulatory compliance requirements w.r.t cloud security

  • Knowledge of Identity and Access Management protocols/solutions such as SSO, SAML Federated Identity, RBACs & authorization solutions.

  • Experience with Linux & Windows operating systems for patch management, log management, and understanding on OS hardening requirements. 

  • Impeccable communication skills, both written and oral.

  • Strong organization and time-management skills, with the ability to swiftly transition between projects and tasks.

  • Must have one or more cloud certifications. Desirable certifications include: -

    • AZ-500 (Azure Security Engineer)

    • SC-100 (Cybersecurity Architect Expert)

    • AWS Certified Specialty – Security

    • Google Cloud Professional Cloud Security Engineer 

    • AZ-303 (Microsoft Azure Architect Technologies)

    • Prisma Certified Cloud Security Engineer (PCCSE)

    • WIZ certifications

  Equal employment opportunity information 

  
  KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.