Technology and Innovation - Cloud Security Engineer

About the role
We are looking for a highly skilled and motivated Security Operations (SecOps) Engineer to join our growing security team. In this role, you will be responsible for overseeing the security infrastructure of our organization, monitoring and analyzing security incidents, implementing security controls, and ensuring the integrity of systems and data. Working closely with other IT teams, you will play a crucial role in protecting our digital assets through proactive monitoring, vulnerability management, and incident response.

Who You Are:

• A cybersecurity professional with 2-5 years of experience in IT security or related roles.
• Skilled in security technologies such as SIEM, firewalls, IDS/IPS, endpoint protection, and vulnerability scanners.
• Experienced in incident response and familiar with various threat intelligence platforms.
• Knowledgeable in security frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., PCI-DSS, GDPR).
• Comfortable working in high-pressure situations with strong analytical and problem-solving skills.
• Detail-oriented with a proactive mindset and the ability to work well in a team-oriented environment.
• Able to effectively communicate security risks and solutions to stakeholders at all levels.

What You’ll Do:

• Continuously monitor security alerts and logs from various systems (e.g., firewalls, intrusion detection/prevention systems).
• Analyze and investigate security incidents to identify, contain, and remediate vulnerabilities or breaches.
• Coordinate incident responses, conducting root cause analysis and ensuring proper documentation and mitigation.
• Communicate and escalate incidents to the appropriate stakeholders and management.
• Proactively monitor and hunt for emerging threats and vulnerabilities.
• Use security tools to detect anomalies and potential attack patterns.
• Develop and refine threat intelligence to anticipate and mitigate risks.
• Perform regular vulnerability assessments and coordinate patch management activities.
• Work with IT and development teams to ensure timely remediation of vulnerabilities.
• Analyze vulnerabilities and provide recommendations to minimize risk exposure.
• Administer and manage security tools such as SIEM, intrusion detection/prevention systems, firewalls, and antivirus software.
• Tune and configure security systems to improve detection capabilities and reduce false positives.
• Stay up to date with the latest security technologies and practices, recommending improvements as necessary.
• Assist in developing and implementing security policies and procedures to align with industry standards and regulatory requirements.
• Ensure compliance with security frameworks such as NIST, CIS, SOC 2, and GDPR.
• Conduct audits and reviews to ensure adherence to security best practices.
• Work closely with other IT teams (network, systems, cloud engineers) to integrate security into the broader infrastructure.
• Assist with security awareness training for employees and provide guidance on best practices.
• Support the development of incident response plans, disaster recovery strategies, and business continuity plans.
• Maintain detailed incident reports and security logs for future reference and compliance.
• Create and present regular security reports to management, highlighting trends, incidents, and recommendations for improving the organization’s security posture.

Preferred Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience.
• Certified Ethical Hacker (CEH)Certified Incident Handler (GCIH)Security+ or other relevant certifications
• 2-5 years in IT security or related roles, with hands-on experience in security technologies and incident response.
• Strong knowledge of TCP/IP, networking protocols, and internet technologies.
• Familiarity with security tools such as Splunk, Palo Alto, CrowdStrike, or similar.
• Knowledge of operating systems (Linux, Windows, macOS) and cloud platforms (AWS, Azure, Google Cloud).Familiar with security frameworks and regulatory standards (e.g., NIST, ISO 27001, PCI-DSS, GDPR).
• Strong analytical, problem-solving, and communication skills.
• Ability to work under pressure in high-stakes environments.
• Detail-oriented with a proactive, team-focused attitude.

Preferred Skills:

• Experience in cloud security (AWS, Azure, GCP).
• Knowledge of scripting languages (Python, Bash, PowerShell).
• Familiarity with automated security testing tools and DevSecOps practices.
• Experience with endpoint detection and response (EDR) systems. 

#LI-SH1#yantra
About Riveron:Riveron, a business advisory firm backed by Kohlberg & Company, has recently acquired Yantra.
At Riveron, we partner with clients—from global multinationals to high-growth private entities—to solve complex finance challenges, guided by our DELTA values: Drive, Excellence, Leadership, Teamwork, and Accountability. Our entrepreneurial culture thrives on collaboration, diverse perspectives, and delivering exceptional outcomes. We are committed to fostering growth, both for our clients and our people, through mentorship, integrity, and a client-centric approach. This inclusive environment offers flexibility, progressive benefits, and meaningful opportunities for impactful work that supports well-being in and out of the office.  
Check us out on social media: LinkedIn  Glassdoor  Instagram  Facebook  Riveron Consulting is an Equal Opportunity Employer and believes that we are stronger together through our diversity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability status, protected veteran status, sexual orientation, gender identity or any other characteristic protected by law.
Fraud AlertPlease beware of fraudulent schemes or impersonations when going through the job application process. A Riveron employee will never recruit via text or extend unsolicited employment offers. Additionally, a Riveron employee will never ask you to exchange money or purchase anything as part of the recruiting process.