TC-CS-CDR-Cloud Security Specialist-Senior

Job Title: Senior Cloud Security Specialist

Role Overview:

The Senior Cloud Security Specialist will serve as a technical leader in cloud security operations, responsible for designing and implementing advanced threat detection and mitigation strategies across multi-cloud environments. This role demands deep expertise in cloud-native and CNAPP technologies, incident response, and forensic investigation. The SME will collaborate with Security Engineering & Architecture, CSOC, and governance teams to ensure a resilient and compliant cloud security posture.

Key Responsibilities:

• Threat Detection & Investigation
• Deploy and optimize cloud-native and third-party threat detection platforms (e.g., AWS GuardDuty, Azure Defender, GCP SCC).
• Investigate alerts using telemetry, behavioral analytics, and AI/ML-based anomaly detection.
• Align detection logic with MITRE ATT&CK, NIST SP 800-53, and CSA CCM frameworks
• Rule Creation & CNAPP Integration
• Author and tune detection rules leveraging CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
• Integrate CNAPP telemetry into SIEM/SOAR workflows for automated response
• Mitigation Strategy Development
• Design and implement dynamic playbooks for threat containment and remediation.
• Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines.
• Incident Response & Forensics
• Lead incident triage and root cause analysis across cloud environments.
• Conduct forensic investigations using cloud-native tools and third-party platforms.
• Document findings and contribute to post-incident reviews and continuous improvement
• Security Architecture & Governance
• Provide guidance on secure cloud architecture, access controls, and data protection.
• Ensure compliance with ISO 27001, HIPAA, GDPR, and internal governance policies

Required Skills & Abilities:

• Deep expertise in AWS, Azure, GCP, and OCI cloud security services.
• Hands-on experience with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca).
• Proficiency in threat detection rule creation, tuning and alert response leveraging tools such as CrowdStrike, Wiz Defend, AWS GuardDuty, etc.
• Respond to Kubernetes and Cloud Container threat alerts (e.g., unusual API invocations) and tune detection rules accordingly
• Strong knowledge of SIEM/SOAR platforms (e.g., Splunk, Sentinel, Elastic, Tines).
• Experience in cloud forensics and incident response workflows.
• Familiarity with infrastructure-as-code (IaC) tools (Terraform, CloudFormation).
• Strong analytical, investigative, and documentation skills.
• Excellent communication and leadership abilities.

Preferred Qualifications:

• 8+ years in cybersecurity, with 3+ years focused on cloud security.
• Certifications: CISSP, CCSP, AWS Security Specialty, Azure Security Engineer, GCIH, GCIA.
• Experience in a 24x7 SOC or threat management environment.
• Proven track record of mentoring and leading technical teams.