Job Description

Key Responsibilities

• Monitor and respond to security alerts across multi-cloud platforms (AWS, Azure, GCP) and on-prem infrastructure.
• Lead incident investigations involving cloud misconfigurations, IAM abuse, container threats, and infrastructure vulnerabilities.
• Perform forensic analysis and root cause investigations across cloud workloads, virtual machines, and network devices.
• Develop and maintain cloud-specific incident response playbooks and automation scripts.
• Collaborate with cloud engineering, DevOps, and infrastructure teams to contain and remediate threats.
• Conduct threat hunting and proactive risk assessments in cloud-native and hybrid environments.
• Integrate and optimize cloud-native security tools (e.g., AWS GuardDuty, Azure Sentinel, GCP Security Command Center).
• Stay current with evolving cloud threats, zero-day vulnerabilities, and attack vectors targeting infrastructure.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• 5+ years of experience in incident response or SOC roles, with a focus on cloud and infrastructure security.
• Hands-on experience with cloud platforms (AWS, Azure, GCP) and their security services.
• Strong understanding of cloud networking, IAM, container security (Kubernetes, Docker), and virtualization.
• Familiarity with SIEM, EDR, WAF and log aggregation tools in cloud and hybrid environments.
• Knowledge of incident response frameworks (NIST, SANS) and MITRE ATT&CK for cloud.
• Excellent analytical, communication, and documentation skills.

͏

Do

• Ensuring customer centricity by providing apt cybersecurity 

• Monitoring and safeguarding the log sources and security access
• Planning for disaster recovery in the event of any security breaches
• Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
• Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems
• Conduct security assessments, risk analysis and root cause analysis of security incidents
• Handling incidents escalated by the L1 team in 24x7 rotational shifts
• Use advanced analytics tools to determine emerging threat patterns and vulnerabilities
• Completing all tactical security operations tasks associated with this engagement.
• Analyses all the attacks and come up with remedial attack analysis
• Conduct detailed analysis of incidents and create reports and dashboards

• Stakeholder coordination & audit assistance

• Liaise with stakeholders in relation to cyber security issues and provide future recommendations
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues
• Advice and guidance to employees on issues such as spam and unwanted or malicious emails

͏

Deliver

͏

͏