Sr CLOUD SECURITY ENGINEER
About the job
Who are we and What do we do?
InMobi Group’s mission is to power intelligent, mobile-first experiences for enterprises and consumers. Its businesses across advertising, marketing, data and content platforms are shaping consumer experience in a world of connected devices. InMobi Group has been recognized on both the 2018 and 2019 CNBC Disruptor 50 list and as one of Fast Company’s 2018 World’s Most Innovative Companies.
What’s the InMobi family like?
Consistently featured among the “Great Places to Work” in India since 2017, our culture is our true north, enabling us to think big, solve complex challenges and grow with new opportunities. InMobians are passionate and driven, creative and fun-loving, take ownership and are results focused. We invite you to free yourself, dream big and chase your passion
What do we promise?
We offer an opportunity to have an immediate impact on the company and our products. The work that you shall do will be mission critical for InMobi and will be critical for optimizing tech operations, working with highly capable and ambitious peer groups. At InMobi, you get food for your body, soul, and mind with daily meals, gym, and yoga classes, cutting-edge training, and tools, cocktails at drink cart Thursdays and fun at work on Funky Fridays. We even promise to let you bring your kids and pets to work.
What does the team do?
Opportunity is part of the evolving cyber security group which is laser focussed on setting up industry benchmarks in managing & guarding against digital risks in a “Cloud Native- DevOps Only” environment. It is a lean-mean-special action group where every cyber sentinel gets an opportunity to work across domain, has an independence to challenge status quo & evolve cyber practises to next level of maturity. Our core competencies revolve around “Product & Platform security”, “Cloud Native Risk Management” and “Detection & Response”.
What you will be doing?
The ideal candidate is familiar with information security industry best practices, modern automation tools and Cloud environment. We are looking for someone with a security mindset who "thinks like an attacker".
- Own the cloud security posture management program (CSPM) and concentrate efforts on continuous improvement of the cloud security configurations aligned to global standards like NIST CSF, ISO 27001, ISO 31000, Cloud Security Alliance, etc.
- Uplift & evolve detection policies on CSPM to optimize detection capabilities and draft technical standards for remediation on vulnerabilities identified on cloud stack.
- Own & manage integrated vulnerability management dashboard to bring visibility on technical debt.
- Evolve & mature security stack to support a multi cloud strategy in high density containerised environment.
- Ability to refer CIS benchmarks & customise hardening standards as per the evolution of technology stack.
- Engineer & uplift adoption of Infra as a Code program in pre-provisioning phase & PaaC (Policy as a code) to continuous monitoring of risk configurations changes.
- Perform risk assessment of proposed and existing cloud architecture adhering to cloud security policies, procedures, and standards for recommending technical and administrative controls to mitigate identified risks.
- Design and develop frameworks and solutions to secure CI/CD pipelines.
- Work in synergy with infra/product engineering teams in defining baseline security configuration, build continuous visibility for detecting misconfigurations/ vulnerabilities reported by CSPM and mature remediation practices.
- Provide SME in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks.
- Work with cloud vendors and external security researchers to resolve security gaps in InMobi’s Cloud.
- Develop, monitor, and manage cloud performance & hygiene metrics (KCI, KPI, KRI).
- Prepare and deliver training and security awareness activities to the Engineering teams.
What is expected out of you?
- 8-10 years of experience in cloud security domain.
- Hands-on experience with Azure/AWS/GCP security best practices and services.
- Strong knowledge of virtualization, dockers, containers and their orchestration with its challenges.
- Strong understanding of network concepts and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, TLS, DDoS detection/prevention).
- Hands on experience with the infrastructure automation tools like Terraform.
- Knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).
- Experience reviewing and understanding cloud architecture and security best practices.
- Ability to work independently with little direction and/or supervision.
- Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
- Keen attention to detail with the ability to correct on the fly and work independently.
- Curiosity to learn & adopt emerging technologies
- Agile practitioner.
- Holds Associate or Professional-level Cloud certification(s).
- Degree In Information Systems, Information Technology, Computer Science or Engineering from an accredited college or university.
Why Join Us?
You will contribute to creating disruptive and innovative consumer experiences using technology. We value autonomy, collaboration, technical innovation, and results-oriented thinking. InMobi’s culture is all about rewarding excellence so there are fantastic opportunities for the right candidates.