Sr. Lead, Cloud Security Engineer

📍 Job Overview

• Job Title: Sr. Lead, Cloud Security Engineer
• Company: ASSA ABLOY
• Location: Chennai, Tamil Nādu, India
• Job Type: Hybrid
• Category: Security & Compliance
• Date Posted: 2025-06-27

🚀 Role Summary

The Sr. Lead Cloud Security Engineer will drive security best practices into software development and operations processes, focusing on cloud infrastructure, application development workflows, and CI/CD pipelines. This role requires strong expertise in security automation, vulnerability management, compliance, and threat mitigation, while collaborating with development, operations, and security teams.

💻 Primary Responsibilities

• Design, Implement, and Manage Security Controls: Develop, implement, and maintain security controls within CI/CD pipelines and cloud infrastructure to ensure secure software development and deployment.
• Develop and Maintain Security Tools: Create and maintain security tools for cloud infrastructure, containerized environments, and microservices architectures.
• Develop Security Policies and Best Practices: Define and maintain security policies, standards, and best practices for cloud and on-premises environments.
• Identify, Assess, and Remediate Vulnerabilities: Identify, assess, and remediate vulnerabilities in infrastructure, applications, and containerized environments.
• Implement Security Monitoring and Alerting: Establish security monitoring, logging, and alerting solutions to detect threats and anomalies.
• Collaborate with Development Teams: Work closely with software developers, IT operations, and security teams to embed security principles into development workflows.
• Automate Security Testing and Compliance Checks: Automate security testing, reporting, and compliance checks within CI/CD pipelines.
• Provide Mentorship and Awareness: Offer guidance and awareness on security best practices to end users.
• Conduct Security Assessments and Penetration Testing: Perform security assessments, penetration testing, and threat modeling for applications and infrastructure.
• Ensure Compliance with Industry Regulations: Maintain compliance with industry regulations and frameworks such as NIST, ISO 27001, SOC 2, and GDPR.
• Lead Security Incident Response: Lead security incident response and forensic analysis when required.

🎓 Skills & Qualifications

Education: Bachelor's degree in Programming/Systems or Computer Science or equivalent experience.

Experience: 10+ years of overall experience, with 6-7+ years specifically in DevSecOps, cybersecurity, or cloud security.

Required Skills:

• Security certifications such as CISSP, CISM, CEH, OSCP, or AWS/Azure Security certifications.
• Experience with Zero Trust architecture and security frameworks.
• Familiarity with DevSecOps compliance automation (Open Policy Agent, Chef InSpec, etc.).
• Strong problem-solving skills and ability to work in a fast-paced, dynamic environment.
• Knowledge of SIEM, SOAR, and security orchestration tools.
• AWS Professional certification.

Preferred Skills:

• Bachelor's degree in Programming/Systems or Computer Science or equivalent experience.
• Strong background in CI/CD tools (Jenkins, Bitbucket).
• Hands-on experience with cloud platforms (AWS) and security best practices.
• Expertise in Infrastructure as Code (Terraform, CloudFormation, Ansible).
• Proficiency in programming/scripting languages (Python, Bash, Go).
• Experience with container security (Docker, Kubernetes, service meshes).
• Familiarity with security scanning tools (SAST, DAST, SCA, and vulnerability scanners like Snyk, SonarQube, or Nessus).
• Familiarity with API Security, Container Security, AWS Cloud Security.
• Knowledge of Identity and Access Management (IAM), secrets management, and encryption techniques.
• Strong understanding of network security, zero trust architectures, and identity management.
• Working experience with Security groups, NACLs, AWS Security Hub and related services.

💵 Compensation & Benefits

Salary Range: Competitive salary package based on experience and industry standards for cloud security roles in India.

Benefits:

• Empowerment: Flexible work environment, learning opportunities, and career growth.
• Innovation: Open to ideas, flexible work arrangements, job sharing, or part-time job seekers.
• Integrity: Results-oriented, reliable, and straightforward work culture with appreciation for individual contributions.

Working Hours: 40 hours per week, with flexible arrangements available.

🎯 Team & Company Context

🏢 Company Culture

Industry: Security and access solutions.

Company Size: 63,000 employees worldwide, with 250+ locations in 50+ countries.

Founded: 1921.

Team Structure:

• Global Engineering Team based in Chennai, India.
• Business Unit Engineering Team based in Bangalore, India.

Development Methodology:

• Agile/Scrum methodologies and sprint planning for web projects.
• Code review, testing, and quality assurance practices.
• Deployment strategies, CI/CD pipelines, and server management.

Company Website: www.hidglobal.com.

LinkedIn: www.linkedin.com/company/hidglobal/mycompany/.

📈 Career & Growth Analysis

Web Technology Career Level: Sr. Lead, Cloud Security Engineer - Senior-level role with extensive experience and leadership responsibilities.

Reporting Structure: Reports directly to the Head of Cloud Security or a relevant manager within the security organization.

Technical Impact: Significant influence on cloud security posture, application security, and infrastructure decisions.

Growth Opportunities:

• Technical leadership potential with team management and architecture decisions.
• Growth opportunities in emerging technology adoption and technical specialization.
• Mentorship and knowledge-sharing opportunities within the security team.

🌐 Work Environment

Office Type: Hybrid work environment with a mix of on-site and remote work arrangements.

Office Location(s): Chennai, Tamil Nādu, India.

Workspace Context:

• Collaborative workspace with global teams and cross-functional interaction.
• Access to development tools, multiple monitors, and testing devices.
• Opportunities for knowledge sharing, technical mentoring, and continuous learning.

Work Schedule: Flexible work schedule with deployment windows, maintenance, and project deadlines.

📄 Application & Technical Interview Process

Interview Process:

1. Technical Preparation: Brush up on cloud security fundamentals, security automation, and vulnerability management techniques.
2. Portfolio Review: Prepare a portfolio showcasing relevant cloud security projects, tools, and best practices.
3. Technical Challenge: Expect a hands-on technical challenge focusing on cloud security principles and tooling.
4. Final Evaluation: Prepare for a final evaluation focusing on technical impact, problem-solving, and communication skills.

Portfolio Presentation Strategy:

• Highlight cloud security tools and automation workflows.
• Demonstrate security assessments, penetration testing, and threat modeling techniques.
• Showcase security compliance and regulatory framework knowledge.

ATS Keywords: Cloud Security, DevSecOps, Vulnerability Management, Compliance, Threat Mitigation, CI/CD Pipelines, Security Monitoring, Penetration Testing, AWS, Infrastructure as Code, Container Security, API Security, Identity and Access Management, Network Security, Zero Trust Architecture.

📌 Application Steps

To apply for this Sr. Lead, Cloud Security Engineer position:

1. Customize Your Portfolio: Tailor your cloud security portfolio to highlight relevant projects, tools, and best practices.
2. Optimize Your Resume: Highlight cloud security skills, experience, and achievements relevant to the role.
3. Prepare for Technical Interviews: Brush up on cloud security fundamentals, tools, and best practices.
4. Research the Company: Understand ASSA ABLOY's security and access solutions, company culture, and industry context.