Public Cloud Security Engineer — Vulnerability & Exposure Management (MultiCloud) (Pune)

Public Cloud Security Engineer — Vulnerability & Exposure Management (Multi

Cloud)

This is a senior technical leadership role at the intersection of cloud engineering, security engineering, and reliability. You will be responsible for identifying, engineering, and operating cloud-native vulnerability and exposure management capabilities at scale — reducing systemic risk by detecting control breaks, insecure configurations, and exploitable vulnerabilities before they become incidents, while ensuring security tooling accelerates rather than impedes cloud adoption.

Cloud Environment & Security Scope

You will operate across:

• Microsoft Azure (primary / incumbent platform)
• Google Cloud Platform (GCP) — emerging data, platform, and AI workloads
• Oracle Cloud Infrastructure (OCI) — strategic and regulated workloads
• Multi-region architectures spanning production, pre-production, and development environments
• Shared responsibility security models across infrastructure, platform, and application layers

What You'll Work On

Cloud Security Focus Areas

• Cloud vulnerability management across compute, container, platform, and managed services
• Detection of misconfigurations, control drift, and insecure cloud patterns
• Exposure management spanning identity, network, data, and workload layers
• Engineering control-break detection techniques for cloud environments
• Reducing systemic risk through automation, standardisation, and preventative controls

Security Platforms & Tooling

• Vulnerability scanning and posture management tools
• SIEM and centralised logging platforms
• Endpoint and workload protection technologies (EDR/XDR)
• Packet capture and network visibility tooling where required
• Integration of security platforms via APIs into cloud and Dev

Ops workflows

• Configuration management and automation across large-scale security platforms

Infrastructure & Automation

• Infrastructure as Code (IaC) and configuration management for security controls
• Terraform and cloud-native tooling to enforce secure-by-default patterns
• CI/CD and Dev

Sec

Ops integrations to shift vulnerability detection left

• Python-based scripting and automation for control validation and response

Key Responsibilities

• Lead the engineering, onboarding, and production support of cloud security and vulnerability management platforms
• Design and operate security controls that support Azure today while scaling into GCP and OCI
• Detect, analyse, and remediate cloud vulnerabilities, misconfigurations, and control gaps
• Engineer control-break detection techniques to identify systemic security failures early
• Own the architecture, deployment, and lifecycle management of cloud security platforms
• Define and measure security-focused SLIs and SLOs in partnership with business stakeholders
• Contribute to incident response, mitigation, and post-incident reviews from a cloud security perspective
• Partner with cloud engineering teams to embed security controls into platform design
• Research, evaluate, and recommend cloud security technologies aligned to the firm's risk posture
• Mentor and develop junior security engineers, promoting solid engineering discipline and operational excellence
• Apply SRE principles to security platforms to reduce outages and operational friction
• Participate in system design, platform management, and capacity planning
• Ensure audit-ready documentation, operational hygiene, and clear escalation paths
• Maintain a strong understanding of enterprise risk culture, control frameworks, and risk reduction techniques

Required Qualifications

• Bachelor's degree in Computer Science, Information Systems, or equivalent engineering experience
• Senior-level experience engineering and operating security platforms in public cloud environments
• Strong hands-on experience with Azure, plus exposure to GCP and/or OCI
• Deep expertise in vulnerability management, configuration assessment, and exposure reduction
• Proficiency in Python for security automation and tooling
• Experience operating large-scale distributed systems in regulated environments
• Strong understanding of UNIX/Linux internals, networking, and cloud infrastructure

Preferred Qualifications

• Financial services or highly regulated industry experience
• Experience integrating security platforms using APIs
• Familiarity with SIEM query languages (e.g., Splunk SPL, SQL-based analytics)