Team Lead - Cloud Security

Company Description

Metro Global Solution Center (MGSC) is internal solution partner for METRO, a €30.5 Billion international wholesaler with operations in 31 countries through 625 stores & a team of 93,000 people globally. Metro operates in a further 10 countries with its Food Service Distribution (FSD) business and it is thus active in a total of 34 countries.

MGSC, location wise is present in Pune (India), Düsseldorf (Germany) and Szczecin (Poland). We provide Finance, HR, IT & Business operations support to 31 countries, speak 24+ languages and process over 18,000 transactions a day. We are setting tomorrow’s standards for customer focus, digital solutions, and sustainable business models. For over 12 years, we have been providing services and solutions from our two locations in Pune and Szczecin. This has allowed us to gain extensive experience in how we can best serve our internal customers with high quality and passion. We believe that we can add value, drive efficiency, and satisfy our customers.

Website: https://www.metro-gsc.in

Company Size: 600-650

Headquarters: Pune, Maharashtra, India

Type: Privately Held

Inception:  2011

Job Description

Responsibilities

• Setup and lead cloud security engineering team.
• Triage High/Critical findings & drive mitigation for cloud environments.
• Identify, approve high severity True or False positive vulnerabilities for cloud environment.
• Support Product teams implementing cloud security services and
• Create individual concepts to improve the security level and create decision templates for risk treatment (in particular definition of measures to reduce risk)
• Identify security risks in the cloud architecture and infrastructure, drive mitigations.
• Collaborate with application security team to improve and implement the target S-SDLC framework
• Engage with a new cloud technology and participate in their secure implementation
• Participate in the development of DevSecOps concepts and work closely with other IT teams.
• Ensure compliance with industry standards and regulations.
• Support Security & Privacy Engineering Key activities.
  
  Role Description:
• The Cloud Security Tech Lead is responsible for setting up, leading and functionally steering a team of cloud security engineers.
• Support defining and maintaining the cloud security processes as part of the cloud operating model and support both cloud governance topics and cloud risk management
• Oversee the daily operations of the cloud security engineering team to ensure efficiency and smooth functioning.
• Provide technical expertise and guidance to team members, offering support and direction where needed.
• Carry out security assessments, protection requirements and risk analyzes of cloud platforms

Serve as the technical authority, providing expert guidance to the security engineers where needed.

Technical & Soft Skills:

• In-depth understanding of cloud computing concepts and architectures (IaaS, PaaS, SaaS).
• Strong knowledge and skills in scripting, and development of automation in ci/cd.
• Ability to analyze complex security issues, identify root causes, and recommend effective solutions.
• Proficiency in implementing and managing cloud security controls, including identity and access management, encryption, network security, and data protection.
• Strong knowledge of common security threats, vulnerabilities, and attack vectors in cloud environments.
• Proficiency in concepts of vulnerability assessments and scans using automated tools (Qualys, SCCP, Polaris, …)
• Understanding of common vulnerabilities and exposures (CVEs), Common Vulnerability Scoring System (CVSS), and vulnerability databases.
• Excellent communication and interpersonal skills to effectively collaborate with clients, stakeholders, and internal teams.
• Proficient in producing briefings, and presentations to communicate findings, trends, and recommendations to stakeholders.
• Strong organizational and time management skills with the ability to coordinate and prioritize multiple tasks simultaneously.
• Ability to work under pressure.

Qualifications

Qualifications & Experience

●Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree or relevant certifications (e.g., CISSP, Google Cloud Certifications ) may be preferred.

●Senior Engineer: 7+ years of relevant experience, preferably in an enterprise.

●Hands on Cloud Security Architect experience. (GCP is preferred)