Lead Cyber Security

Job Description

Role Title: Lead Cyber security
Department: Digital
Base Location: Gurgaon
Work Mode: Onsite
Travel Required: On Requirement Basis

JOB PURPOSE
The primary purpose of a cloud security job is to protect an organization's cloud-based infrastructure and data from unauthorized access, threats, and vulnerabilities. Cloud security professionals are responsible for ensuring the confidentiality, integrity, and availability of sensitive information stored and processed in the cloud.

KEY RESPONSIBILITIES
•Design and implement CNAPP solutions to secure cloud-native applications.
•Collaborate with DevOps teams to integrate security into the CI/CD pipeline.
•Monitor cloud environments for vulnerabilities, misconfigurations, and threats.
•Understanding about cloud security architecture and ability to review architecture design.
•Respond to and mitigate security incidents in cloud environments.
•Ensure compliance with industry regulations and best practices.
•Develop and maintain security policies and procedures for cloud-native environments.
•Conduct regular security assessments and audits of cloud infrastructure and applications.
•Provide guidance and support to development teams on secure coding practices.
•Regularly scans cloud environments for vulnerabilities in infrastructure components, containers, and applications.
•Ensures that cloud resources are configured according to security best practices and compliance standards.
•Monitors and protects network traffic within the cloud environment, preventing unauthorized access and data breaches.
•Analyzes container images for vulnerabilities and malware before deployment.
•Runtime Protection, Monitors containers for suspicious activity and blocks malicious attempts to exploit vulnerabilities.
•Ensures the integrity of container images and their dependencies.
•Protects web applications from common attacks like SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).
•API Security: Secures APIs and microservices from unauthorized access and abuse.
•Good understanding about bot protection and rate limiting.
•Good understanding about K8S environment.
•Threat Detection: Identifies and responds to security incidents in real-time.
•Investigates security breaches to determine the root cause and prevent future occurrences.
•Coordinates response efforts and ensures that affected systems are restored to a secure state.
•Compliance Regulatory Adherence Helps organizations comply with industry-specific regulations as per organization requirement.
•Audit Support Provides evidence and documentation to support security audits.
•Knowledge of programming languages and scripting (e.g., Python, Bash) for automation and integration.

SKILLS AND KNOWLEDGE
Educational • Any graduate and above
Desired Experience •10 Year’s (Relevant should be 5 Year’s)
Skill Set Required •A Cloud Security Lead is responsible for safeguarding an organization's cloud infrastructure and data. They must possess a blend of technical expertise, strategic thinking, and a deep understanding of security best practices.

At IndiGo, we believe in the innate strength of an energetic, diverse, and inclusive workforce, where the viewpoints and life experiences of our employees help us foster strong connections with all our customers. Our diversity equity and inclusion efforts are designed to attract, nurture, and advance the lives of our employees and customers irrespective of their – but not limited to - gender, race, color, religion, caste, creed, ethnicity, origin, language, social and economic status, sexual orientation, differently-abled status, marital status, nationality, age, family status, and maternity status.