Cloud Security Engineer
HighRadius Technologies, Inc.Full Timemid
Hyderabad, Telangana, IndiaPosted 4 days ago
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
AWSGCPAzureKubernetesTerraformAnsibleLinux
Sign up free to auto-tailor your resume with all these keywords and get a higher ATS score
Job Description
<h2><span style="font-size: 10pt;"><strong>Job Summary:</strong></span></h2>
<p><span style="font-size: 10pt;">We are seeking a skilled Cloud Security Engineer to support Identity and Access Management (IAM) operations, cloud key management, secrets management, and security automation across multi-cloud environments, including Azure, AWS, and GCP. This role will also be responsible for implementing cloud security controls, managing network security operations, and administering firewalls on Fortigate platforms. The Cloud Security Engineer will ensure secure identity governance, controlled access, network segmentation, and policy-driven guardrails that align with enterprise security standards.</span></p>
<h2><span style="font-size: 10pt;">Key Responsibilities:</span></h2>
<h3><span style="font-size: 10pt;">Identity & Access Management (IAM)</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Execute IAM operations, including provisioning, access troubleshooting, RBAC/ABAC configurations, and access recertifications.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Manage and implement AWS Service Control Policies (SCPs) to enforce governance and guardrails.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Build and manage Azure Policies (definitions, initiatives, assignments) in accordance with compliance regulations.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Support IAM architecture across Azure AD/Entra ID, AWS IAM, GCP IAM, and the enterprise Identity Center.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Assist with IAM incident response and Level 2 escalations.</span></li>
</ul>
<h3><span style="font-size: 10pt;">Key Management & Secrets/Vault Operations</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Operate cloud KMS platforms, including Azure Key Vault and AWS KMS, focusing on key rotation, key policies, and certificates/PKI operations.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Enforce cryptographic standards (RSA, AES, ECC), manage TLS certificate lifecycles, and ensure secure key access patterns.</span></li>
</ul>
<h3><span style="font-size: 10pt;">Cloud Security (Azure / AWS / GCP)</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Implement cloud security baselines, guardrails, and compliance controls in line with CIS, NIST, and ISO27001 standards.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Support network and security posture configuration utilizing tools such as Wiz and Prisma.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Configure and troubleshoot cloud-native firewalls, Network Security Groups (NSGs), routing, and segmentation.</span></li>
</ul>
<h3><span style="font-size: 10pt;">Network Security (Fortigate)</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Manage, monitor, and troubleshoot Fortigate firewalls, including security policies, NAT, VPN (IPsec/SSL), and routing.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Oversee IPS/IDS configurations and threat profiles.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Ensure high availability operations (Active/Passive).</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Support network segmentation, micro-segmentation, and Zero Trust enforcement.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Participate in firewall rule reviews, change management, and impact assessments.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Analyze traffic flows, logs, and events using FortiAnalyzer tools.</span></li>
</ul>
<h3><span style="font-size: 10pt;">Automation & Infrastructure as Code</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Develop Terraform modules for IAM, KMS, vault, firewall policies, and cloud security controls.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Create Ansible playbooks to automate secret rollout, certificate deployments, firewall configurations, and configuration baselines.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Support Kubernetes environments, focusing on secret management, RBAC, service accounts, workload identity, and Vault injector integration.</span></li>
</ul>
<h3><span style="font-size: 10pt;">Documentation & Governance</span></h3>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Maintain Standard Operating Procedures (SOPs), runbooks, architecture diagrams, and compliance documentation.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Support internal audits, security reviews, and posture reporting.</span></li>
</ul>
<h2><span style="font-size: 10pt;">Required Skills and Experience:</span></h2>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Hands-on experience with Terraform and Ansible.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Looking for 5 - 7 Years of experience.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong understanding of identity protocols, including SAML, OAuth2, OIDC, LDAP, and Kerberos.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Experience with Azure AD/Entra ID, AWS IAM, and GCP IAM.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Expertise in HashiCorp Vault, Azure Key Vault, and AWS KMS.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Proficiency in Kubernetes RBAC, secrets management, and workload identity management.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Solid understanding of PKI, TLS certificates, and cryptographic primitives.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong Linux administration skills (RHEL/CentOS/Rocky Linux).</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Familiarity with firewall technologies, particularly Fortigate (firewall/NAT/VPN/IPS/URL filtering) and cloud security controls across Azure, AWS, and GCP.</span></li>
</ul>
<h2><span style="font-size: 10pt;">Desired/Bonus Skills:</span></h2>
<ul>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Certifications in Azure Security Engineer, AWS Security, or GCP Security.</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">Network Security certification, such as Fortinet NSE (NSE4+).</span></li>
<li style="font-size: 10pt;"><span style="font-size: 10pt;">AWS Security Specialty certification.</span></li>
</ul>
<p> </p>
About HighRadius Technologies, Inc.
HighRadius Technologies, Inc.
highradius.com
SecurityOn-site
Want AI-powered job matching?
Upload your resume and get every job scored, your resume tailored, and hiring manager emails found - automatically.
Get Started Free