📍 Job Overview

• Job Title: Cloud Security Engineer
• Company: Tazapay Pte Ltd
• Location: Chennai, Tamil Nādu, India
• Job Type: On-site
• Category: Security & Compliance
• Date Posted: 2025-06-12
• Experience Level: 5-10 years

🚀 Role Summary

• Design, implement, and maintain security controls for AWS cloud infrastructure processing sensitive financial data
• Collaborate with cross-functional teams to ensure optimal performance and security across global markets
• Leverage AWS security services, including Shield and CloudFront, to protect against threats and ensure compliance with financial industry regulations

📝 Enhancement Note: This role requires a strong focus on AWS cloud security, with a broad range of responsibilities spanning infrastructure, application, and incident response. The ideal candidate will have extensive experience in cloud security, with a deep understanding of AWS services and best practices.

💻 Primary Responsibilities

• AWS Cloud Security Architecture

  • Design and implement comprehensive security architecture for AWS cloud environments
  • Configure and manage AWS Shield for DDoS protection across payment processing infrastructure
  • Implement and optimize AWS CloudFront security configurations, including WAF rules, SSL/TLS, and origin protection
  • Secure AWS services, including EC2, ECS, EKS, Lambda, RDS, S3, and API Gateway
  • Design and implement network security controls using VPC, Security Groups, NACLs, and AWS Transit Gateway
  • Establish secure CI/CD pipelines for Node.js applications and GoLang microservices

• Application & Infrastructure Security

  • Secure Node.js applications running on AWS infrastructure, including container and serverless environments
  • Implement security controls for GoLang microservices deployed across multiple AWS regions
  • Configure and manage AWS WAF rules for web application protection
  • Implement container security for Docker containers running Node.js and GoLang applications
  • Secure Kubernetes clusters (EKS) hosting microservices architecture
  • Manage secrets and configuration security using AWS Secrets Manager and Parameter Store

• Monitoring & Incident Response

  • Implement comprehensive security monitoring using AWS CloudTrail, GuardDuty, and Security Hub
  • Deploy and manage Prowler for continuous AWS security monitoring and compliance validation
  • Utilize ScoutSuite for regular multi-cloud security posture assessments
  • Configure Gitleaks monitoring for continuous secret detection across development workflows
  • Implement OpenGrep rules for real-time security vulnerability detection in application code
  • Configure CloudWatch alarms and automated incident response workflows
  • Develop and maintain security dashboards and reporting mechanisms
  • Respond to security incidents and conduct forensic analysis in cloud environments
  • Implement automated threat detection and response capabilities
  • Monitor and analyze CloudFront access logs and security events

• Compliance & Risk Management

  • Ensure AWS infrastructure compliance with financial industry regulations (PCI DSS, SOX, GDPR)
  • Conduct regular security assessments using Prowler for AWS compliance validation and ScoutSuite for comprehensive security audits
  • Implement continuous compliance monitoring through automated tools and custom security frameworks
  • Implement and maintain data protection controls for payment processing workloads
  • Perform risk assessments for cloud services and architectures
  • Develop and maintain disaster recovery and business continuity plans
  • Support compliance audits and regulatory assessments

• Automation & DevSecOps

  • Implement Infrastructure as Code (IaC) security using Terraform, CloudFormation, and AWS CDK
  • Integrate Gitleaks for automated secret scanning in CI/CD pipelines and repositories
  • Deploy OpenGrep (Semgrep) for static analysis and security vulnerability detection in Node.js and GoLang codebases
  • Utilize Prowler for comprehensive AWS security assessments and compliance checks
  • Implement ScoutSuite for multi-cloud security auditing and configuration reviews
  • Develop security automation scripts and tools using Python, Bash, and AWS SDKs
  • Integrate security scanning and compliance checks into CI/CD pipelines
  • Automate security policy enforcement across AWS accounts and regions
  • Implement automated remediation for common security misconfigurations

🎓 Skills & Qualifications

Education: Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications are a plus.

Experience: 4+ years of experience in cloud security, with a strong focus on AWS cloud environments. Hands-on experience with AWS Shield (Standard and Advanced) for DDoS protection, extensive experience securing AWS CloudFront distributions, and strong experience securing Node.js applications in cloud environments. Proven experience with GoLang microservices security in containerized and serverless architectures. Hands-on experience with security automation tools, including Gitleaks, OpenGrep, Prowler, and ScoutSuite. Experience with AWS security services (GuardDuty, Security Hub, Config, CloudTrail) and knowledge of financial services security requirements and payment processing compliance.

Required Skills:

• Advanced proficiency in AWS security services and best practices
• Deep understanding of AWS Shield and DDoS mitigation strategies
• Expert-level knowledge of AWS CloudFront security configurations and optimization
• Strong security knowledge for Node.js applications, including dependency management and runtime security
• Comprehensive understanding of GoLang microservices security patterns and secure coding practices
• Proficiency with security automation tools: Gitleaks (secret scanning), OpenGrep/Semgrep (static analysis), Prowler (AWS security assessment), ScoutSuite (multi-cloud auditing)
• Proficiency in Infrastructure as Code (Terraform, CloudFormation, AWS CDK)
• Experience with container security (Docker, Kubernetes/EKS)
• Knowledge of network security protocols and AWS networking services
• Scripting and automation skills (Python, Bash, PowerShell)

Preferred Skills:

• AWS Security Specialty certification
• AWS Solutions Architect or DevOps Engineer certifications
• Additional security certifications (CISSP, CCSP, CEH, CISSP)
• Cloud security certifications from other providers (Azure, GCP)
• Experience with multi-cloud security architectures
• Knowledge of serverless security (AWS Lambda, API Gateway)
• Experience with compliance frameworks (SOC 2, PCI DSS, ISO 27001)
• Familiarity with threat modeling and risk assessment methodologies
• Experience with security orchestration and automated response (SOAR)
• Knowledge of machine learning for security analytics
• Experience with payment processing and financial services infrastructure
• Understanding of microservices mesh security (Istio, Consul Connect)

Key Abilities and Traits:

• Cloud Security Expertise: Demonstrated ability to design and implement comprehensive security controls for complex AWS environments processing sensitive financial data.
• Technical Leadership: Capable of leading cloud security initiatives, influencing architecture decisions, and mentoring team members on cloud security best practices.
• Problem-Solving: Strong analytical skills with the ability to troubleshoot complex cloud security issues and implement innovative solutions.
• Automation Mindset: Commitment to automating security processes and implementing security-as-code practices across the infrastructure lifecycle.
• Communication: Excellent verbal and written communication skills, capable of explaining complex cloud security concepts to both technical and business stakeholders.
• Continuous Learning: Commitment to staying current with evolving AWS services, cloud security threats, and industry best practices.
• Detail-Oriented: Meticulous attention to detail when implementing security controls and reviewing cloud configurations.
• Project Management: Ability to manage multiple cloud security projects simultaneously while ensuring compliance with regulatory requirements.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

• A comprehensive portfolio showcasing your cloud security expertise, including AWS security architecture designs, secure application implementations, and incident response case studies.
• Detailed documentation of security controls, automation scripts, and compliance assessments for AWS cloud environments.
• Examples of secure Node.js applications and GoLang microservices deployments, highlighting your proficiency in securing modern web technologies.

Technical Documentation:

• Code quality and documentation standards for Node.js applications and GoLang microservices, demonstrating your commitment to best practices and security principles.
• Version control, deployment processes, and server configuration management, showcasing your experience with CI/CD pipelines and Infrastructure as Code (IaC) tools.
• Testing methodologies, performance metrics, and optimization techniques, highlighting your ability to ensure optimal performance and security for payment processing workloads.

💵 Compensation & Benefits

Salary Range: INR 1,200,000 - 1,800,000 per annum, depending on experience and skills. This range is based on market research for cloud security engineers in Chennai, considering the role's complexity and required qualifications.

Benefits:

• Competitive health insurance and retirement plans
• Generous vacation and leave policies
• Employee stock options and equity compensation
• Professional development opportunities, including training, certifications, and conference attendance
• A dynamic, collaborative work environment with a strong focus on innovation and growth

Working Hours: Full-time position with flexible working hours to accommodate different time zones and collaboration needs. Occasional on-call duties may be required to support 24/7 incident response and monitoring.

🎯 Team & Company Context

🏢 Company Culture

Industry: Financial Services & Payments

Company Size: Medium (50-250 employees)

Founded: 2017

Team Structure:

• A cross-functional team consisting of software engineers, QA engineers, product managers, and designers working together to deliver innovative payment solutions.
• A dedicated security team responsible for ensuring the security and compliance of the company's cloud infrastructure and payment processing platform.
• A flat organizational structure that encourages open communication, collaboration, and innovation.

Development Methodology:

• Agile/Scrum methodologies for software development and project management.
• Continuous Integration/Continuous Deployment (CI/CD) pipelines for automated testing and deployment.
• Infrastructure as Code (IaC) practices for automated provisioning and management of cloud resources.
• Regular code reviews, pair programming, and knowledge-sharing sessions to foster a culture of continuous learning and improvement.

Company Website: www.tazapay.com

📝 Enhancement Note: Tazapay's culture emphasizes openness, innovation, and great memories together. The company values collaboration, continuous learning, and a strong commitment to delivering exceptional customer experiences in the cross-border payment processing space.

📈 Career & Growth Analysis

Web Technology Career Level: Senior Cloud Security Engineer

Reporting Structure: Reports directly to the Head of Security, working closely with the CTO and other senior leadership team members to drive cloud security strategy and implementation.

Technical Impact: Responsible for designing and implementing security controls that protect the company's payment processing platform and ensure compliance with financial industry regulations. This role has a significant impact on the security and stability of the company's cross-border payment services, affecting millions of users worldwide.

Growth Opportunities:

• Technical Leadership: Opportunities to mentor junior security team members, influence architecture decisions, and drive cloud security best practices across the organization.
• Technical Specialization: The chance to deepen your expertise in specific areas of cloud security, such as incident response, compliance management, or automation and DevSecOps.
• Architecture & Design: The possibility to lead security architecture and design efforts for new products, services, or infrastructure projects, shaping the company's long-term technical roadmap.
• Cross-Functional Collaboration: The opportunity to work closely with various teams, including software engineering, product management, and design, to ensure the security and compliance of the company's products and services.

📝 Enhancement Note: Tazapay's growth potential is significant, with a strong focus on innovation and expansion in the cross-border payment processing space. This role offers numerous opportunities for career progression, technical specialization, and leadership development.

🌐 Work Environment

Office Type: On-site, with a modern, collaborative workspace designed to foster creativity, innovation, and team interaction.

Office Location(s): Chennai, Tamil Nādu, India

Workspace Context:

• A spacious, open-plan office layout with dedicated team spaces, meeting rooms, and breakout areas.
• Ergonomic workstations with high-quality equipment, including dual monitors and noise-cancelling headphones.
• A well-stocked pantry with complimentary snacks, beverages, and lunch options.
• Recreational facilities, such as a gaming area and outdoor spaces, to encourage relaxation and team-building activities.

Work Schedule:

• Standard working hours: Monday - Friday, 9:00 AM - 6:00 PM IST, with a one-hour lunch break.
• Flexible working hours: Occasional flexibility in working hours to accommodate different time zones and collaboration needs.
• On-call duties: Occasional on-call duties may be required to support 24/7 incident response and monitoring.

📝 Enhancement Note: Tazapay's work environment emphasizes collaboration, innovation, and work-life balance. The company provides a modern, comfortable workspace designed to support the well-being and productivity of its employees.

📄 Application & Technical Interview Process

Interview Process:

1. Phone Screen (30 minutes): A brief phone call to discuss your resume, qualifications, and initial fit for the role.
2. Technical Deep Dive (60 minutes): A detailed technical conversation focusing on your cloud security expertise, AWS security services, and relevant experience.
3. Behavioral & Cultural Fit (30 minutes): An interview to assess your cultural fit, problem-solving skills, and ability to work effectively in a collaborative, fast-paced environment.
4. Final Round (60 minutes): A meeting with senior leadership team members to discuss your career aspirations, growth opportunities, and long-term fit within the organization.

Portfolio Review Tips:

• Highlight your most relevant cloud security projects, focusing on AWS security architecture, application security, and incident response case studies.
• Demonstrate your ability to design, implement, and manage secure CI/CD pipelines for Node.js applications and GoLang microservices.
• Showcase your proficiency in security automation tools, including Gitleaks, OpenGrep, Prowler, and ScoutSuite.
• Explain your approach to cloud security compliance, risk management, and continuous monitoring.

Technical Challenge Preparation:

• Brush up on your knowledge of AWS security services, including Shield, CloudFront, and WAF.
• Familiarize yourself with the latest cloud security best practices, trends, and emerging threats.
• Prepare for questions on Node.js application security, GoLang microservices security, and incident response strategies.
• Practice explaining complex cloud security concepts in a clear, concise manner, tailoring your responses to a technical audience.

📝 Enhancement Note: Tazapay's interview process is designed to assess your technical expertise, cultural fit, and long-term potential within the organization. The company values transparency, open communication, and a collaborative approach to the hiring process.

📌 Application Steps

To apply for this Cloud Security Engineer position at Tazapay:

1. Update Your Resume: Tailor your resume to highlight your relevant cloud security experience, AWS security services proficiency, and technical qualifications.
2. Prepare Your Portfolio: Curate a comprehensive portfolio showcasing your cloud security expertise, AWS security architecture designs, and secure application implementations.
3. Research the Company: Familiarize yourself with Tazapay's mission, values, and culture to ensure a strong fit and informed interview preparation.
4. Prepare for Technical Interviews: Brush up on your cloud security knowledge, review the job description, and practice explaining complex cloud security concepts in a clear, concise manner.
5. Submit Your Application: Submit your application through the Tazapay careers page, including your resume and portfolio links.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and web development/server administration industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.