Description

Experience: 4 to 6 yrs

Location: BLR

Engineering Graduate - preferably B.E. /B.Tech in IT or Computer Engineering.

The Cloud Security Compliance Analyst is responsible for:

1. Assessing the conformity of the cloud services
2. Ensuring conformity concerning Organisation/customers Enterprise Security Protection Baselines (ESPB) guidelines
3. Defining associated compliance security policies

Job Description:

1. Assess the compliance of the different Cloud Services using Airbus Standards and Public Cloud Security Standards.
2. Define the required security controls to make the usage of the cloud services compliant.
3. Ensure a good quality of the description of the security control taking into account the company context.
4. Evaluate the relevant severity for each security control.
5. Ensure the lifecycle of the defined security controls.
6. Synchronize and work with Cloud Security and Cloud platform stakeholders to ensure the visibility and relevance of the deliveries.
7. Make propositions to improve the compliance assessment process.
8. Contribution to Cloud Platform blueprints by providing services compliant IaC.
9.  
10. Requires knowledge of compliance and a commitment to acting with integrity, and will be part of the Cloud Compliance team (Cloud Security Controls & Procedures),
11. Assess the compliance of the different Cloud Services using Organisation/customers Standards and Public Cloud Security Standards.
12. Define the required security controls to make the usage of the cloud services compliant.
13. Ensure a good quality of the description of the security control, l taking into account the company context.
14. Evaluate the relevant severity for each security control & ensure the lifecycle of the defined security controls.
15. Synchronise and work with Cloud Security and Cloud platform stakeholders to ensure the visibility and relevance of the deliveries.
16. Make propositions to improve the compliance assessment process.
17. Contribution to Cloud Platform blueprints by providing services compliant with IaC.

Skills:

Must Have:

-Strong knowledge of AWS Services and Cloud Security

-Remediation support for Cloud Infra Vulnerabilities

-Remediation support for Security Non-Compliance alerts

-Analysis of false/true positive alerts

-Analysing built-in and customised RQLs

-Cloud compliance exception analyst, Cloud SecOps skills like vulnerability detection and remediation follow-up are a plus

-Good Communication & Stakeholder Management skills

Good to Have:

-Agile methodology knowledge

-Scripting and automation using Python

-Knowledge of GCP or Azure cloud.

-Knowledge of cybersecurity best practices concerning hardening, in an IT/IM Security environment, including standards creation

-Cloud Security compliance or more generic Cyber Security Standards, Cloud Security Engineer and Cloud Threat Modelling

-Cloud Technical knowledge, having practised one CSP for at least 6+ years (AWS and GCP)

Total Experience Expected: 04-06 years

Qualifications

Qualification & Certifications

1. Engineering graduate - preferably B.E. /B.Tech in IT or Computer Engineering
2. At least one Certification Preferred:-
3. AWS Cloud Certifications ( Cloud Practitioner, Security Specialty)
4. Google Cloud Certifications ( Associate/Professional,

Additional Information

Ready to work at client site in Bengaluru as per the client support hours

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.

All of our positions are open to people with disabilities.

Company Description

About Sopra Steria
Sopra Steria, a major Tech player in Europe with 50,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2024, the Group generated revenues of €5.8 billion.
The world is how we shape it.