5 Cspm Jobs

Role Summary We're seeking an experienced Cloud Security Engineer with strong expertise in Azure and GCP platforms. In this role, you'll work at the intersection of cybersecurity and cloud engineering, focusing on implementing security recommendations from Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) solutions. Key Responsibilities Analyze and prioritize security findings from CSPM and CNAPP tools across Azure, GCP and AWS environments Coordinate and execute remediation activities with cloud engineering teams to address identified vulnerabilities Lead the deployment, configuration, and maintenance of CSPM and CNAPP solutions Develop and implement security automation to streamline remediation processes Create and maintain cloud security documentation, including policies, procedures, and architectural diagrams Participate in security incident response for cloud-related events Provide cloud security expertise during new service deployments and architecture reviews Stay current with evolving cloud security best practices, threats, and compliance requirements Qualifications 4+ years of experience in cloud security across Azure and GCP platforms Demonstrable experience with CSPM and CNAPP tools and methodologies Strong understanding of cloud-native security controls, including IAM, encryption, network security, and logging/monitoring Proficiency in security automation using tools like Terraform, Azure ARM templates, or GCP Deployment Manager Experience with Kubernetes and other containerisation technologies Experience with cloud security frameworks and compliance standards (e.g., CIS, NIST, SOC2) Strong knowledge of DevSecOps principles and practices Excellent communication skills to effectively coordinate with various technical teams Preferred Skills Relevant security certifications (e.g., CCSP, Azure Security Engineer, GCP Professional Cloud Security Engineer) Experience with container security and Kubernetes environments Familiarity with cloud security APIs and CLI tools Background in security architecture or engineering Experience with cloud infrastructure as code (IaC) security scanning

What You'll Do Join us in building a secure, scalable, and experienced platform to support Avalara's expanding business and global customer base. As a Senior Application Security Engineer , you'll work with world-class engineers and architects to ensure security is embedded in everything we buildboth in today's systems and the future of our architecture. This role is perfect for someone passionate about automation, cloud-native security, and AI-driven application defense . You'll help shape the future of Avalara Security , driving security as code, ensuring automation-first practices, and integrating modern AI tooling into security workflows. You understand the value of developer empathy, moves quickly without sacrificing quality, and excels in an environment that combines startup energy with enterprise scale. Job Responsibilities You will build, maintain, and continuously improve an automated security pipeline framework integrated into our CI/CD environments. You will lead development of Infrastructure-as-Code and Policy-as-Code for application security enforcement and consistency across environments. You will evaluate and integrate security tools (SAST, DAST, SCA, CSPM, EDR) and AI-based solutions into engineering workflows and CI/CD pipelines. You will provide applicable guidance and mentorship to development and Avalara Security engineering teams on secure development best practices. Investigate, prototype, and apply AI/ML-based solutions for application behavior analysis, anomaly detection, and threat hunting. Promote security by design across the organization, and help foster a security-first culture. Contribute to the continuous refinement of the SDLC to ensure security is smooth, consistent, and measurable. What You'll Need to be Successful Required Qualifications 8+ years of experience in application security, secure software development , or security engineering. Strong programming proficiency in Python and GoLang (hands-on). Experience with secure SDLC practices and CI/CD pipeline integration. Strong hands-on experience with Kubernetes , container security, and cloud infrastructure security preferably AWS and GCP . Experience with Infrastructure-as-Code (IaC) tools like Terraform or CloudFormation. Working knowledge of cryptographic protocols and standards: TLS, OAuth, SAML, JWT , etc. Familiarity with Git , modern source control practices, and agile development methodologies. Experience working with a broad range of security tools , including: Tenable , Wiz (Cloud Security Posture Management) Checkmarx , Mend (SAST, SCA) Acunetix , Burp Suite (DAST) CrowdStrike (EDR/XDR) Bachelor's Degree in Computer Science, Engineering, or a related field. Proven experience contributing to security automation efforts within a security organization like Avalara Security . Experience with AI/ML tools and frameworks applied to application security or behavior analytics. Security certifications such as OSWE, CSSLP, AWS Security Specialty, or Kubernetes Security Specialist. Passion for enabling developer-friendly security solutions and maximum automation.

Roles & Responsibilities:- Design and implement secure AWS cloud architectures aligned with business and compliance requirements. Automate security controls and integrate them into CI/CD pipelines Manage and monitor AWS security tools such as GuardDuty, Security Hub, and CloudTrail Develop and enforce IAM policies using least privilege principles Conduct threat modeling, vulnerability assessments, and cloud security posture evaluations Ensure compliance with standards like SOC 2, ISO 27001, and NIST Support audit readiness and implement risk treatment plans Collaborate with DevOps teams to embed security in cloud deployments Promote DevSecOps culture across development and operations teams Create and maintain security-as-code using CloudFormation, Terraform, and scripting Automate detection, remediation, and incident response processes Provide security guidance during cloud migrations and new service adoptions Qualification:- Bachelors in Cybersecurity, Computer Science, or related field (Masters preferred) 7+ years in cybersecurity, with 5+ years in cloud security Strong expertise in AWS security tools (GuardDuty, Security Hub, IAM, KMS, CloudTrail) Familiar with cloud security frameworks (AWS Well-Architected, NIST CSF, CSA CCM) Experience in securing CI/CD pipelines and implementing IaC security (CloudFormation/Terraform) Hands-on with CSPM tools and automated security validation Deep understanding of IAM principles and DevSecOps practices Proficient in scripting (Python, Bash) for automation Strong knowledge of network, container, and serverless security Excellent communication skills (verbal and written) Certifications: AWS Security Specialty, CCSP, CISSP, or equivalent Preferred Qualifications :- Experience with multi-cloud (AWS, Azure, GCP) security Understanding of regulatory frameworks (e.g., GDPR, HIPAA, ISO) Hands-on with container security (Docker, Kubernetes, ECS/EKS) Experience with Zero Trust security models in cloud Familiarity with automated incident response and cloud-native tools Knowledge of Hashicorp Vault or similar tools for secrets management Experience securing data lakes and analytics platforms Worked with CWPP and serverless security best practices Cloud security experience in energy efficiency/sustainability domains Experience in cloud threat modeling and collaborating with global teams

Role & responsibilities Good interpersonal skills (written and oral communication) and ability to articulate complex issues Ability to communicate technical information clearly and concisely, commensurate with the audience Conceptual thinking and communication skills the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Good communicator (written and verbal) and listener. Must be a team player and motivated self-starter with ability to work independently with limited supervision. Must be assertive, methodical and detail oriented Technical Experience: Must have worked on Palo Alto Prisma cloud Experience in cloud security and understanding of basic principles Experience in CSPM, CIEM, and CWP Knowledge of cloud service providers (majorly Azure and GCP) and their technologies Mandatory skill sets: Palo Alto Prisma Cloud Preferred skill sets: CSPM , CIEM , CWP , Azure & GCP

Job Title: Cloud Security Department: Technology Consulting Location: Gurgaon Overview: We are seeking a highly skilled and experienced Cloud Security Manager to join our team. The ideal candidate will be responsible for overseeing the development, implementation, and maintenance of cloud security measures to protect the organization's cloud-based assets. The Cloud Security Manager will work closely with various teams to ensure compliance with industry standards and regulatory requirements. Key Responsibilities: Develop and implement cloud security policies and procedures to protect the organization's cloud-based assets Monitor and analyze security vulnerabilities and threats in the cloud environment Conduct regular security assessments and audits to identify and address potential risks Collaborate with cross-functional teams to ensure compliance with industry standards and regulatory requirements Manage incident response and resolution processes related to cloud security incidents Stay up-to-date on the latest security trends and technologies to enhance the organization's cloud security posture Qualifications: Bachelor's degree in Computer Science, Information Technology, or related field Certified Network Associate in Cloud Security (CNAPS) certification Certified Security Professional Manager (CSPM) certification Minimum of X years of experience in cloud security management in a large enterprise environment Strong knowledge of cloud security best practices, tools, and technologies Excellent communication and interpersonal skills Ability to work effectively in a fast-paced and dynamic environment