Cloud Security Engineer (AWS Focus) IRC297110

Description

Join GlobalLogic, to be a valid part of the team working on a huge software project for the world-class company providing M2M / IoT 4G/5G modules e.g. to the automotive, healthcare and logistics industries. Through our engagement, we contribute to our customer in developing the end-user modules’ firmware, implementing new features, maintaining compatibility with the newest telecommunication and industry standards, as well as performing analysis and estimations of the customer requirements.

Requirements

Role Summary

• The Cloud Security Engineer is responsible for securing AWS cloud environments by implementing proactive vulnerability management, patching strategies, and security controls.
• This role partners with CloudOps, DevOps, and Engineering teams to reduce risk exposure, automate remediation, and maintain a strong cloud security posture across production systems.
• This position emphasizes continuous vulnerability detection, patching, and remediation automation in alignment with enterprise security standards and compliance requirements

Required Qualifications

• 6-8+ years of experience in Cloud Security, DevSecOps, or Infrastructure Security roles
• Strong hands-on expertise in AWS security services: IAM, Security Hub, GuardDuty, Inspector, Config, VPC security, NACLs, WAF, Shield
• Experience with vulnerability management and remediation at scale
• Proven experience with patching strategies across cloud workloads
• Hands-on knowledge of Infrastructure as Code (Terraform, CloudFormation)
• Strong scripting/automation skills (Python, Bash, or PowerShell)
• Experience integrating security into CI/CD pipelines
• Experience with Kubernetes/EKS security and container vulnerability scanning
• Familiarity with tools such as Qualys, Nessus, Prisma, Orca, or similar
• Knowledge of compliance frameworks (NIST, CIS Benchmarks, ISO 27001)
• Experience with SIEM/SOAR platforms
• AWS Security Specialty Certification or equivalent
• Strong analytical and problem-solving capabilities
• Ability to prioritize and manage vulnerabilities based on business risk
• Excellent cross-team collaboration with CloudOps, SRE, and Dev teams
• Clear communication for both technical and leadership audiences
• Experience in large-scale AWS environments with multi-account governance
• Background in automated remediation frameworks and event-driven security (Lambda-based fixes, pipeline enforcement)
• Exposure to 24×7 operations and offshore/global handoff models
• Reduced vulnerability backlog and faster MTTR for security issues
• Improved patch compliance across environments
• Increased automation of remediation workflows
• Strengthened overall cloud security posture

Job responsibilities

Key Responsibilities

Cloud Security & Architecture

• Design and implement secure AWS architectures (IAM, VPC, security groups, encryption, network segmentation)
• Enforce security best practices across multi-account AWS environments
• Integrate security controls into CI/CD pipelines and Infrastructure-as-Code (IaC)

Vulnerability Management & Remediation

• Perform continuous vulnerability scanning across cloud infrastructure and workloads
• Analyze risks and prioritize remediation actions based on severity and impact
• Execute and track vulnerability remediation, including system hardening and configuration fixes
• Partner with engineering teams to eliminate recurring security issues and misconfigurations

Patch Management & Security Operations

• Manage OS and application patching across cloud infrastructure (EC2, container images, Kubernetes, etc.)
• Automate patch deployment using tools such as AWS Systems Manager, Ansible, or Terraform
• Respond to critical vulnerabilities and zero-day threats with rapid mitigation strategies
• Maintain asset inventory and patch compliance tracking

Monitoring & Incident Response

• Configure and manage security monitoring tools (e.g., GuardDuty, Security Hub, CloudWatch)
• Configure and manage security software (Anti-virus, logging, etc)
• Investigate security alerts and support incident response processes
• Collaborate with Global/Offshore teams for 24×7 security operations and escalation

Automation & DevSecOps Integration

• Build automated remediation workflows using Lambda, Terraform, CI/CD pipelines
• Embed security checks into pipelines (static analysis, vulnerability scans, compliance validation)
• Continuously improve runbooks and security automation processes

Compliance & Governance

• Support compliance initiatives (e.g., SOC2, ISO, PCI, FedRAMP as applicable)
• Enforce logging, auditing, and governance policies
• Conduct security reviews and risk assessments for new systems
• Knowledgeable backgroud in Web Application Firewalls

What we offer

Exciting Projects: We focus on industries like High-Tech, communication, media, healthcare, retail and telecom. Our customer list is full of fantastic global brands and leaders who love what we build for them.

Collaborative Environment: You Can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities!

Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules, opportunities to work from home, and paid time off and holidays.

Professional Development: Our dedicated Learning & Development team regularly organizes Communication skills training(GL Vantage, Toast Master),Stress Management program, professional certifications, and technical and soft skill trainings.

Excellent Benefits: We provide our employees with competitive salaries, family medical insurance, Group Term Life Insurance, Group Personal Accident Insurance , NPS(National Pension Scheme ), Periodic health awareness program, extended maternity leave, annual performance bonuses, and referral bonuses.

Fun Perks: We want you to love where you work, which is why we host sports events, cultural activities, offer food on subsidies rates, Corporate parties. Our vibrant offices also include dedicated GL Zones, rooftop decks and GL Club where you can drink coffee or tea with your colleagues over a game of table and offer discounts for popular stores and restaurants!

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.