Cloud Security Engineer (aws)

Job Description We are a fast-growing software product company building cloud-native applications on AWS.

We are looking for an experienced Cloud Security Engineer to strengthen our security posture across our cloud infrastructure, applications, and development pipelines. The role will focus on cloud security architecture, application security testing, vulnerability management, and regulatory compliance.

The ideal candidate should have strong experience in AWS security services, Dev Sec Ops practices, security testing (SAST/DAST), container security, and compliance frameworks such as SOC2, GDPR, and HIPAA. You will work closely with engineering, Dev Ops, and product teams to identify security risks, implement security controls, run security assessments, and ensure our platform meets industry security standards.

Key Skills &

Responsibilities 1.

AWS Cloud Security Strong knowledge of AWS security services including AWS Inspector, AWS Cloud Trail, Guard Duty, Security Hub, IAM, and VPC security, with the ability to monitor, detect, and remediate cloud security risks. 2.

Application Security Good understanding of OWASP Top 10 vulnerabilities, secure API design, authentication and authorization mechanisms such as OAuth and JWT, and best practices for securing web applications and APIs. 3.

Static Security Testing (SAST) Experience implementing and running static code analysis tools such as Sonar Qube, Snyk, or Checkmarx to detect vulnerabilities early in the development lifecycle. 4.

Dynamic Security Testing (DAST) Hands-on experience performing dynamic application security testing using tools like OWASP ZAP or Burp Suite to identify runtime vulnerabilities in web applications and APIs. 5.

Container Security Experience securing Docker-based workloads, performing container image vulnerability scanning using tools such as Black Duck, Prisma Cloud, and implementing container security best practices. 6.

Compliance & Security Audits Experience supporting or implementing controls required for SOC2, GDPR, and HIPAA compliance, including security documentation, audit readiness, and risk assessments. 7.

Penetration Testing & Vulnerability Management Experience conducting VAPT assessments, analyzing security findings, prioritizing vulnerabilities based on risk, and coordinating remediation with development and infrastructure teams.

Preferred Qualifications Experience: 3–5 Years Experience working in cloud-native or Saa S product companies. Familiarity with Dev Sec Ops practices and CI/CD security integration. Knowledge of API security, encryption standards, and secure architecture design.

Location: Bangalore (Open for relocation after few months to Bangalore)