Lead Cloud Security Engineer

InMobi is seeking a Lead Cloud Security Engineer to join its evolving cybersecurity group in Bengaluru. This team is dedicated to establishing industry benchmarks in managing and mitigating digital risks within a Cloud Native, DevOps-only environment. As a specialized unit, every member has the opportunity to work across diverse domains, with the autonomy to challenge existing practices and elevate cyber maturity.

The team's core competencies lie in Product & Platform Security, Cloud Native Risk Management, and Detection & Response. We are looking for an individual with a strong security mindset, capable of thinking like an attacker, and possessing familiarity with industry-standard information security practices, modern automation tools, and cloud environments.

Responsibilities:

• Lead and enhance the Cloud Security Posture Management (CSPM) program, focusing on continuous improvement of cloud security configurations aligned with global standards such as NIST CSF, ISO 27001, ISO 31000, and Cloud Security Alliance guidelines.
• Evolve and refine detection policies within CSPM to optimize detection capabilities and define technical standards for remediating identified cloud stack vulnerabilities.
• Own and manage an integrated vulnerability management dashboard to provide clear visibility into technical debt.
• Develop and mature the security stack to support a multi-cloud strategy in a high-density containerized environment.
• Customize hardening standards based on CIS benchmarks and evolving technology stacks.
• Engineer and promote the adoption of Infrastructure as Code (IaC) in the pre-provisioning phase and Policy as Code (PaaC) for continuous monitoring of risk configuration changes.
• Conduct risk assessments of proposed and existing cloud architectures, ensuring compliance with cloud security policies, procedures, and standards, and recommending controls for risk mitigation.
• Design and develop frameworks and solutions to secure CI/CD pipelines.
• Test, review, and implement container security on platforms like GKE, EKS, or AKS.
• Collaborate with infra/product engineering teams to define baseline security configurations, establish continuous visibility for detecting misconfigurations and vulnerabilities reported by CSPM, and mature remediation practices.
• Serve as a Subject Matter Expert (SME) in the analysis, assessment, development, and evaluation of security solutions and architectures for applications, operating systems, databases, and networks.
• Liaise with cloud vendors and external security researchers to address security gaps in InMobi's cloud infrastructure.
• Develop, monitor, and manage cloud performance and hygiene metrics, including Key Control Indicators (KCI), Key Performance Indicators (KPI), and Key Risk Indicators (KRI).
• Prepare and deliver security training and awareness programs for engineering teams.

Qualifications:

• 4-6 years of experience in cloud security.
• Hands-on experience with Azure, AWS, or GCP security best practices and services.
• Strong knowledge of virtualization, Docker, containers, and their orchestration challenges.
• Hands-on experience with Kubernetes (including Pod Security Policies, Network Policies, Admission Controllers).
• Solid understanding of network concepts and web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing, TLS, DDoS detection/prevention).
• Proficiency with infrastructure automation tools such as Terraform.
• Knowledge of common cloud-native/cloud-friendly authentication mechanisms (e.g., OAuth, OpenID).
• Experience reviewing and understanding cloud architecture and security best practices.
• Ability to work independently with minimal supervision.
• Excellent communication skills, with the ability to ask clarifying questions, escalate issues proactively, and interact effectively at various organizational levels.
• Strong attention to detail, adaptability, and the ability to work autonomously.
• A proactive and curious mindset for learning and adopting emerging technologies.
• Knowledge of Security Operations Centre (SOC) / Incident Management is a plus.
• Associate or Professional-level Cloud and Kubernetes certifications (GCP/CKA/CKS preferred).
• A Bachelor's degree in Information Systems, Information Technology, Computer Science, or Engineering from an accredited institution.

InMobi fosters a culture where challenges are embraced, and growth opportunities are pursued. Our core values—thinking big, passion, accountability, and ownership with freedom—guide our decisions. We invest in continuous learning and career development through our 'InMobi Live Your Potential' program.

InMobi is an Equal Employment Opportunity employer committed to providing reasonable accommodations for individuals with disabilities.

Visit https://www.inmobi.com/company/careers to learn more about our benefits and values.