Responsibilities
- Implement cloud security initiatives for entire organization Improve Cloud security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
- Prepare and present reports of Vulnerability Assessment, Automation, Penetration Testing etc.
- Oversee the planning and coordination of Cloud security Deploy, Maintain and Support Log Aggregation, Vulnerability and Threat Detection Solutions with associated visualizations so that real-time identification of issues can be performed.
- In addition to the above specific responsibilities, as Cloud Security Engineer in Information Security division of Zeta, you will be responsible for:
- Hiring decisions, hiring process definition, and continuous improvements. Broad knowledge of security domain with an understanding of cloud & kubernetes vulnerabilities, secure configurations and mitigation mechanisms
- Perform review and validation of all deliverables for Cloud Security
- Educate DevOps, Devs and Security Team
- Continuous improvement of Cloud Security postureI
- ntegrating various tools into CI/ CD and automate repetitive tasks
- Make sure the environment is compliant to CIS, NIST, PCI etc.
- Ensure that Security Standards are being adopted by the Product Team covering both Cloud, On-Prem, SaaS, PaaS and IaaS.
Skills
- To be successful in this role, the following are the areas of expertise classified by their importance:
- Critical: Solid understanding of public cloud technologies with hands-on technical knowledge of at least one major public cloud like AWS, Azure etc.
- Experience of CI/CD Pipeline implementation and at least one tool (Jenkins, ArgoCD, Bitbucket Pipelines etc)Experience in at least one scripting language (Bash, Python, Java etc)Experience containerization and Kubernetes
- Experience of automating and templating security processes and documentation for compliance purposes.
- Hands on experience of vulnerability assessments, Penetration Testing, Web Application Security, data privacy, identify access management etc.
- Experience of at least 2 active and passive security tooling (OWASP ZAP, Veracode, Checkmarx, Fiddler etc)Experience on Infrastructure as Code solution (Terraform, Ansible, Chef etc)Advantage: experience with security tools like Prisma, Aqua, Clair, Hashicorp Vault, etc.
- Conduct Architecture and Design review to provide guidance and security assurance around best practices and frameworks.
- Work closely with the DevOps teams and share security insight
- Knowledge of development practices using Java and Nodejs, Docker, Kubernetes and other container orchestration services
- Experience with Secure Code Quality Tools, Testing and Techniques - ZAP, Wireshark, Sonarqube, Metasploit etc.
- Understanding of security frameworks, controls and processes - CIS, NIST, PCI/DSS. SOCI/II, etcMedium experience in one or more languages - NodeJS, GoLang, Python, Perl, Ruby, Bash, Javascript, Java etc.
- Ability to document risks, security controls and evidence to ensure compliance
Experience and Qualifications
- 2+ years of overall experience as Cloud Security/DevSecOps engineer in medium to large-size product companies.
- Bachelor of Technology (BE/B.Tech), M.Tech/ME in Computer Science or equivalent
Similar Jobs
What We Do
Founded in 2015, Zeta is a provider of next-gen credit card processing platform. Zeta’s cloud-native and fully API-enabled stack offers a comprehensive range of capabilities, including processing, issuing, lending, core banking, fraud detection, and loyalty programs. With a strong focus on technology, Zeta has over 1700+ employees and contractors, with more than 70% dedicated to technology roles. Operating across the US, UK, Middle East, and Asia, Zeta has served a global customer base of 35+ clients who have issued over 15 million cards on Zeta's platform to date. Backed by prominent investors such as Softbank Vision Fund 2 and Mastercard, Zeta has raised $280 million, at a valuation of $1.5 billion.