2,323 Cloud Security Specialists jobs in India

Level: L3

• The Cloud Security and DLP SME is responsible for managing and optimizing DLP policies across endpoints, cloud services, Web, Network and collaboration platforms:
• Review and fine-tune existing DLP policies to reduce false positives and improve detection accuracy.
• Collaborate with Customer business stakeholder and cross functional tower leads to identify new policy requirements and prioritize them in the DLP backlog
• Implement policy changes through structured change management processes
• Monitor and triage high and critical severity DLP alerts on a daily basis (typically 8x5 coverage)
• Investigate incidents, validate true positives, and escalate as needed to SOC or compliance teams.
• Provide feedback to improve alert logic and reduce noise
• Participate in monthly and quarterly governance reviews to present DLP performance, SLA adherence, and improvement plans
• Deliver monthly service reports and strategic recommendations to client stakeholders
• Track KPIs such as alert volumes, policy effectiveness, and incident closure rates.
• Work closely with SOC teams, security architects, and compliance leads to align DLP controls with business and regulatory requirements
• Support onboarding of new data sources and integration
• Contribute to transformation initiatives such as AI-led enrichment and automation of DLP workflowsTool / Technology: MS Sentinel and LogicApps

Experience:

• 3-5 years of experience in cloud security engineering or related roles.
• Hands-on experience with cloud environments (AWS, Azure, Google Cloud Platform) and their security tools.
• Proficiency in cloud security best practices and concepts, including network security, identity and access management (IAM), encryption, and threat detection.

Technical Skills:

• Expertise in using Prisma Cloud or similar CSPM/CWP platforms for continuous monitoring and security.
• Knowledge of container security (e.g., Docker, Kubernetes) and workload protection.
• Familiarity with cloud-native services for security (e.g., AWS GuardDuty, Azure Security Center).
• Ability to configure and manage security policies, alerts, and compliance checks within cloud environments.
• Experience with security automation and scripting (e.g., Python, Bash) is a plus.

Stay updated for more insights and innovations by following us on LinkedIn:
eSec Forte Technologies

Level: L3

• The Cloud Security and DLP SME is responsible for managing and optimizing DLP policies across endpoints, cloud services, Web, Network and collaboration platforms:
• Review and fine-tune existing DLP policies to reduce false positives and improve detection accuracy.
• Collaborate with Customer business stakeholder and cross functional tower leads to identify new policy requirements and prioritize them in the DLP backlog
• Implement policy changes through structured change management processes
• Monitor and triage high and critical severity DLP alerts on a daily basis (typically 8x5 coverage)
• Investigate incidents, validate true positives, and escalate as needed to SOC or compliance teams.
• Provide feedback to improve alert logic and reduce noise
• Participate in monthly and quarterly governance reviews to present DLP performance, SLA adherence, and improvement plans
• Deliver monthly service reports and strategic recommendations to client stakeholders
• Track KPIs such as alert volumes, policy effectiveness, and incident closure rates.
• Work closely with SOC teams, security architects, and compliance leads to align DLP controls with business and regulatory requirements
• Support onboarding of new data sources and integration
• Contribute to transformation initiatives such as AI-led enrichment and automation of DLP workflowsTool / Technology: MS Sentinel and LogicApps

Job Description
Job Title:
Cloud Security & Defense

About the Function:
Our Digital and Technology (D&T) team are innovators, delivering ground-breaking solutions that will help build the future of our iconic brands. Technology touches every part of our business, from the sourcing of balanced ingredients to marketing and development of our online platforms. We utilise data insights to build competitive advantage, supporting our people to deliver value faster.

Our D&T team includes some of the most dedicated digital professionals in the industry. Every day, we come together to push boundaries and innovate, crafting the digital solutions of tomorrow. Whatever your passion, we'll help you become the best you can be, crafting career-defining work and delivering breakthrough thinking.

About The Role
Roles in this job family build, develop, implement and coordinates Diageo's information security and cyber resilience strategy by evaluating, testing and monitoring security policies, procedures and systems. They typically have specific skills in IT and cyber security and risk assessment, and well as specialist skills in mitigation and fixes to potential vulnerabilities as detected. These roles will also be involved in continuity planning, containment and restoration of service planning.

Role Responsibilities

• The Offensive Security Lead, you will own and drive internal offensive security capabilities within AABDS, including internal red teaming, breach and attack simulation (BAS), and controls validation. This role is essential to proactively identifying vulnerabilities, simulating adversarial behavior (including APT tactics), and validating the effectiveness of security controls across IT, Cloud, and OT environments.
• Design, lead, and implement internal offensive security operations including:
• Red teaming (internal adversary simulation)
• Breach and Attack Simulation (BAS)
• Control efficiency validation (e.g., MFA bypass, EDR evasion)
• Develop threat-informed scenarios aligned to MITRE ATT&CK, APT profiles, and business-critical applications
• Build and maintain test cases and automation frameworks for continuous controls validation
• Collaborate with CTI and SOC teams to replay real-world threats and evaluate detection efficacy
• Maintain up-to-date knowledge of zero-day exploits, evasion techniques, and offensive tooling
• Provide technical reports, risk summaries, and executive presentations based on offensive findings
• Participate in post-incident reviews to simulate attacker replay and verify containment efficiency
• Partner with VM, Cloud, and Application Security teams to ensure offensive findings are closed via remediation or compensating controls
• Own and improve internal offensive tooling stack, including safe use of open-source and commercial platforms

Experience / Skills Required

• 6+ years in cybersecurity, with 4+ years in offensive security / red teaming / penetration testing
• Hands-on experience with tools such as Cobalt Strike, Metasploit, BloodHound, Caldera, Atomic Red Team, MITRE ATT&CK Navigator, FireCompass, Pentera, or equivalent
• Solid understanding of network security, Windows/AD, cloud environments (Azure/AWS), containers, web application security, and MITRE ATT&CK
• Experience with BAS platforms or custom adversary emulation scripting (Python, PowerShell)
• Strong analytical skills; able to correlate offensive outcomes with real-world business impact
• Familiarity with SOC operations, detection engineering, threat hunting, and CTI workflows
• Excellent communication and reporting skills, including experience addressing senior partners (e.g., CISO, Risk Committees)

Flexible Working Statement:
Flexibility is key to our success. From part-time and compressed hours to different locations, our people work flexibly in ways to suit them. Talk to us about what flexibility means to you so that you're supported from day one.

Diversity statement:
Our purpose is to celebrate life, every day, everywhere. And creating an inclusive culture, where everyone feels valued and that they can belong, is a crucial part of this.

We embrace diversity in the broadest possible sense. This means that you'll be welcomed and celebrated for who you are just by being you. You'll be part of and help build and champion an inclusive culture that celebrates people of different gender, ethnicity, ability, age, sexual orientation, social class, educational backgrounds, experiences, mindsets, and more.

Our ambition is to create the best performing, most trusted and respected consumer products companies in the world. Join us and help transform our business as we take our brands to the next level and build new ones as part of shaping the next generation of celebrations for consumers around the world.

Feel inspired? Then this may be the opportunity for you.

If you require a reasonable adjustment, please ensure that you capture this information when you submit your application.
Worker Type
Regular

Primary Location:
Bangalore Karle Town SEZ

Additional Locations :
Job Posting Start Date

Level: L3

• The Cloud Security and DLP SME is responsible for managing and optimizing DLP policies across endpoints, cloud services, Web, Network and collaboration platforms:
• Review and fine-tune existing DLP policies to reduce false positives and improve detection accuracy.
• Collaborate with Customer business stakeholder and cross functional tower leads to identify new policy requirements and prioritize them in the DLP backlog
• Implement policy changes through structured change management processes
• Monitor and triage high and critical severity DLP alerts on a daily basis (typically 8x5 coverage)
• Investigate incidents, validate true positives, and escalate as needed to SOC or compliance teams.
• Provide feedback to improve alert logic and reduce noise
• Participate in monthly and quarterly governance reviews to present DLP performance, SLA adherence, and improvement plans
• Deliver monthly service reports and strategic recommendations to client stakeholders
• Track KPIs such as alert volumes, policy effectiveness, and incident closure rates.
• Work closely with SOC teams, security architects, and compliance leads to align DLP controls with business and regulatory requirements
• Support onboarding of new data sources and integration
• Contribute to transformation initiatives such as AI-led enrichment and automation of DLP workflowsTool / Technology: MS Sentinel and LogicApps

Role & responsibilities: Cloud Security & GCP

Design and implement a robust cloud security architecture across multiple cloud platforms (e.g., AWS, Azure, GCP).

Develop and maintain a comprehensive cloud security strategy, roadmap, and policies aligned with business objectives and industry best practices.

Provide expert guidance and consultation on all cloud security matters to internal teams and stakeholders.

Conduct regular security assessments, penetration testing, and vulnerability scanning to identify and remediate weaknesses in the cloud environment.

Deep understanding of cloud security principles, architecture, and services.

Hands-on experience with security services within GCP Azure AWS

Strong knowledge of networking concepts

Experience with Infrastructure as Code (IaC) tools like Terraform or CloudFormation.

Deploy and manage core GCP services, including Compute Engine, GKE, Cloud Storage, and Cloud SQL.

Design and implement scalable, secure, and reliable cloud solutions on GCP.

Provide expert guidance on the selection and use of GCP services to meet business requirements.

Cloud Security (GCP) Engineer

Role Type - FTE

Location - Hyderabad (WFO_Hybrid for now, will change to full time)

Shift - 12PM to 9PM/12:30PM to 9:30PM

NP - 0 to 15 days

Mandate Qualifications:

• Educational Background: Bachelor's degree in Computer Science, Information Technology, or a related field.
• Professional Experience: Minimum of 3 years in cloud security engineering, focusing on GCP environments.

Technical Proficiency:

• Strong DevOps experience in GCP cloud with experience in DevSecops and related tools,
• Understanding of application vulnerability and exposure to sast/dast tools. scripting (python, java) and software development experience
• Strong cloud infrastructure & DevOps hands-on experience in GCP.
• Hands on experience in infrastructure (systems/backups/storage/vmware/db/networking) is a plus
• Exposure to security incident management and vulnerability mgmt with an eye for scripting/automation is required.

Certifications:

• Relevant certifications such as Google Professional Cloud Security Engineer, Certified Kubernetes Security Specialist (CKS), or similar are preferred.

Key Responsibilities:

• Design and Implement Cloud Security Measures: Develop and enforce security policies and procedures for cloud-based systems, ensuring compliance with industry standards and best practices.
• Educate and Transition Security Frameworks: Guide teams in migrating existing on-premises security frameworks, such as Rubric, to cloud environments, ensuring seamless integration and functionality.
• Manage Secure Backup and Restore Processes: Oversee and enhance secure backup and restoration procedures for cloud-based data and applications.
• Infrastructure as Code Development: Utilize Terraform to automate the provisioning and management of cloud infrastructure, ensuring scalability and reliability.
• CI/CD Pipeline Integration: Collaborate with development teams to integrate security measures within Continuous Integration/Continuous Deployment pipelines.
• Complex Workload Restoration: Develop and implement strategies for restoring complex workloads in cloud environments, ensuring minimal downtime and data integrity.
• Advanced Cloud Services Management: Leverage advanced cloud services to optimize cloud resources' performance, security, and cost-efficiency.
• Kubernetes Security Oversight: Manage and secure containerized applications orchestrated through Kubernetes, ensuring adherence to security best practices.

Pl share your resume to or call

Our Client is a professional services firm, is the Indian member firm affiliated with International and was

established in September 1993. Our professionals leverage the global network of firms, providing detailed

knowledge of local laws, regulations, markets, and competition. Our client has offices across India in Ahmedabad,

Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, and Vadodara.

Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid,

performance-based, industry-focused, and technology-enabled services, which reflect a shared knowledge of global

and local industries and our experience of the Indian business environment.

Our client's Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector

bodies to mitigate risk, improve performance, and create value. Our client provide a wide range of Risk Advisory

and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies

for the longer term.

Projects in IT Advisory focus on the assessment and/or evaluation of IT systems and the mitigation of IT-related

business risks. They are either IS audit, SOX reviews, Internal audit engagements, IT infrastructure review and/or risk

advisory including but not limited to IT audit supports in nature.

Requirements

Experience with cloud platforms, risk assessment tools, identity management, and data encryption.

(2) Develop standards, procedures, and guidelines for multiple platforms and diverse environments (e.g., client-

server, distributed, mainframe).

(3) Knowledge of network security architecture concepts, including topology, protocols, components, and

principles

(4) Professional certification such as Certified Information Systems Security Professional (CISSP) or Certified

Information Security Manager (CISM).

(5) Plan, study, and design a robust security architecture for various IT projects.

(6) Develop prerequisites for networks, firewalls, routers, and other network devices.

(7) Perform security testing, and risk analysis.

(8) Research and implement updated security standards, systems, and best practices.

(9)Create standards for all IT assets, such as routers, firewalls, LANs, WANs, VPNs, and other network devices.

(10) Proficient in Python, Terraform, and DevOps pipeline setup

Will be preferred

1. Technical certification on Security (AWS Security, Azure Security, GCP Security certifications)

(2) Terraform associate, SysOps certifications or similar

(3) Experience on securing network, data, and access. Experience with security frameworks and standards (e.g.,

NIST, CIS, ISO 27001)

(4) Relevant certifications such as CISA, CISSP, CISM, or similar

• Education 60% above throughout academics

• One 3 years (at least) regular course is must either Diploma or Graduation

• Course: B.E. / B. Tech / MCA / BCA/ M. Tech / MBA degree or equivalent

Benefits

Work with one of the Big 4's in India

Healthy work Environment

Work-Life Balance