Junior Cloud Security Engineer

Junior Cloud Security Engineer | Bengaluru (Hybrid)

Metaforge IT Solutions is seeking an enthusiastic Junior Cloud Security Engineer to join our team in Bengaluru. This hybrid role is perfect for an early-career professional eager to build a strong foundation in cloud security. You will be instrumental in safeguarding our enterprise cloud environments, including AWS, Azure, and GCP.

In this position, you will support the implementation of robust security measures, uphold cloud security best practices, and ensure adherence to critical regulatory requirements. Collaborating closely with senior engineers and cross-functional teams, you will help identify potential risks, respond effectively to security alerts, and contribute significantly to enhancing our overall cloud security posture. This is an excellent opportunity to grow your cloud security expertise while defending vital cloud infrastructure against emerging threats.

Key Responsibilities:

• Assist in the implementation and upkeep of cloud security controls and reference architectures for AWS, Azure, and GCP, adhering to organizational security policies and industry standards.
• Support Cloud Security Posture Management (CSPM) by actively monitoring for basic misconfigurations, vulnerabilities, and compliance issues across cloud environments.
• Help maintain comprehensive documentation for cloud security standards and guidelines, and contribute to fostering secure cloud adoption practices.
• Partner with development, DevOps, and infrastructure teams to integrate essential security checks into CI/CD pipelines and cloud-native applications.
• Assist in conducting risk assessments, basic threat modeling, and security reviews for cloud-based solutions and third-party services.
• Aid in tracking and documenting compliance with relevant frameworks (e.g., SOX, GDPR, PCI-DSS, HIPAA) as they pertain to cloud operations.
• Support the evaluation and utilization of cloud security tools such as CASB, IAM, and cloud-native security services, under the guidance of senior team members.
• Contribute to responding to internal and external audits by meticulously gathering documentation and evidence of cloud security controls.
• Participate in delivering cloud security awareness training and informative briefings for team members and key stakeholders.
• Proactively stay informed about the latest cloud security trends, emerging threats, and advancements in technologies to continuously improve our cloud security practices.

Technical Skills and Experience:

• 1–3 years of practical experience with cloud platforms (AWS, Azure, or GCP), including the deployment and security of basic workloads.
• Familiarity with key cloud security tools and technologies like CASB, firewalls, encryption, and virtualization security.
• A foundational understanding of secure software development practices and the integration of security within CI/CD pipelines.
• Knowledge of identity and access management (IAM), network security, and data protection principles within cloud environments.
• Exposure to security monitoring and basic incident response procedures in cloud contexts.
• Familiarity with Infrastructure as Code (IaC) and configuration management tools is considered a plus.

Compliance, Risk Management, and Frameworks:

• A basic understanding of regulatory requirements and data privacy laws pertinent to cloud environments (such as SOX, GDPR, PCI-DSS, HIPAA).
• Experience supporting risk management, security assessments, or audit activities for cloud platforms is a plus.
• Familiarity with security frameworks like NIST, ISO/IEC 27001, or CSA Cloud Controls Matrix is desirable.

Qualifications and Certifications:

• Bachelor’s degree in Computer Science, Information Security, or a related technical field is required.
• 3–4 years of experience in IT or information security, with a minimum of 1 year specifically focused on cloud security or engineering.
• Relevant entry-level or associate security certifications are preferred, such as CompTIA Security+, AWS Certified Security – Foundational, Azure Fundamentals, or Google Associate Cloud Engineer.
• A strong willingness to pursue further professional development and advanced cloud security training.

Interpersonal and Team Skills:

• Excellent verbal and written communication skills, with the ability to articulate technical concepts to diverse audiences.
• A demonstrated ability to collaborate effectively with IT, development, and compliance teams.
• Possesses an analytical mindset and a keen eagerness to learn, coupled with a proactive approach to enhancing cloud security practices.
• An interest in mentoring, knowledge sharing, and a commitment to fostering a strong culture of security awareness.