Cyber Security Analyst

Greetings from TCS!!!

TCS Bangalore hiring for Cyber Security SME – Cloud and API Security !!!!!

Role: Cyber Security SME – Cloud and API Security

Experience required: 5 to 9 years

Location:- Bangalore

Required technical Skillset:-

1. Understanding and Experience in designing/ developing security solutions in Cloud technologies like AWS and Azure.
2. Design, implement and manage security solutions for Cloud API gateway, WAF. Design and Implement Network, Application security groups, Firewall policies/ Rules, cloud based IAM solutions.
3. Understanding and experience in SIEM/SOAR technologies, IAM/ PAM, EDR/XDR, IPS/IDS technologies, Azure Sentinel, Microsoft Defender, AWS Security Hub, Cloud watch, Guard Duty etc.
4. Knowledge of cyber security frameworks such as MITRE, CSA, ISO 27001, NIST Cybersecurity Framework, OWASP standards and CIS benchmark controls.
5. Ability to work as a team player to identify deficiencies in cloud security posture, find out root causes, and design effective solutions
6. Foster strong collaboration inside Cloud Security team and peer groups, provide expertise in cloud and API security implementations.

Role Description:-

1. Design, implement, manage, and secure Cloud and API security solutions for multi cloud-based and High-availability implementations.
2. Engages with cross-functional teams to understand cloud security implementation requirements and prepare the high-level approach for the implementation.
3. Evaluate Cloud security posture on continuous basis, perform gap analysis and provide improvement recommendations.
4. Provide technical expertise and support for incident response for cloud security related security issues.
5. Conduct VA and CSPM assessments for Cloud based engagements, classify the finding with their severity and work towards the mitigation plan.
6. A good understanding of Privileged Access Management solutions, Microsoft Azure EntraID concepts, MFA, SSO, Conditional Access, Octa, Lambda, API Gateway, Application Gateway, Container security, Azure Sentinel, Microsoft Defender, AWS Security Hub, Cloud watch, Guard Duty etc. Should be able to provide subject matter expertise in the mentioned area.
7. Understanding of authentication and authorization protocols such as Oauth and JWT. Familiarity of API security implementation using OWASP/ NIST API security standards.
8. Experience in API management solutions such as Postman, Apigee, MuleSoft and programming languages such as Python.
9. Collaborate with vendors and cybersecurity teams to envision new best practices aligned to industry standards and regulations.
10. Stay relevant with the latest security trends, threats, and best practices, and use the knowledge for enhancing cloud implementation security posture.
11. Good to have Certifications: - Azure Security Specialty, AWS Solution Architect, AWS Security Specialty