Cloud Security Technical Team Lead

Gurugram, Haryana
Managed Services – MS Cloud / Full Time / Remote
We are seeking an experienced Cloud Security Technical Team Lead to design, implement, and manage enterprise-grade security solutions across our clients' Azure/AWS/GCP cloud environments. The ideal candidate will bring deep expertise in cloud security domains, strong leadership skills, and hands-on experience in safeguarding cloud infrastructure, applications, and data. This role requires both strategic vision and technical execution to ensure our cloud ecosystems remain secure, compliant, and resilient.

Roles and Responsibilities

    • Lead the design, implementation, and management of security solutions across multiple cloud environments.
    • Define and enforce security policies, standards, and best practices aligned with organizational goals and compliance requirements.
    • Partner with IT, Cloud, and Security teams to assess risks, recommend mitigations, and ensure security controls are consistently applied.
    • Oversee threat modeling, risk assessments, and vulnerability management in cloud workloads.
    • Monitor, analyze, and respond to security incidents in collaboration with the SOC team.
    • Drive governance initiatives around identity, access, and privileged account management.
    • Conduct regular audits of security configurations and ensure compliance with regulatory frameworks (e.g., ISO 27001, SOC2, GDPR, HIPAA).
    • Provide technical leadership and mentorship to the cloud security team.
    • Organize and delegate workload for the team: assign resources to clients and manage utilization of the cloud security team.
    • Stay updated on evolving cloud security technologies, tools, threats, and industry trends.
    • Serve as the point of contact for urgent and critical customer technical escalations.

Core Cloud Security Domains

    • Identity & Access Management (IAM)
        • Azure: Azure Active Directory (Azure AD), Conditional Access, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), Privileged Identity Management (PIM).
        • AWS: AWS IAM Identity Center (formerly AWS SSO), IAM Roles & Policies, Attribute-Based Access Control (ABAC), MFA, AWS Organizations for centralized access control, and AWS IAM Access Analyzer for policy validation.
    • Network Security
        • Azure: Azure Firewall, Network Security Groups (NSG), Application Security Groups (ASG), Azure DDoS Protection, Web Application Firewall (WAF), Private Link, Service Endpoints.
        • AWS: AWS Network Firewall, Security Groups, Network ACLs, AWS Shield (Standard & Advanced), AWS WAF, AWS PrivateLink, VPC Endpoints.
    • Data Protection & Encryption
        • Azure: Azure Key Vault, Azure Disk Encryption, Transparent Data Encryption (TDE), encryption in transit and at rest, Azure Confidential Computing.
        • AWS: AWS Key Management Service (KMS), AWS CloudHSM, EBS Encryption, S3 Server-Side Encryption (SSE), AWS Nitro Enclaves for confidential computing, TLS for encryption in transit.
    • Application Security
        • Azure: Secure DevOps with Azure DevOps & GitHub Actions, API Management security, Web App security baselines, Azure Application Gateway with WAF.
        • AWS: AWS CodePipeline/CodeBuild for DevSecOps, AWS API Gateway with throttling and authorization, AWS WAF integrated with CloudFront or ALB, AWS AppConfig for safe deployments.
    • Threat Protection & Monitoring
        • Azure: Microsoft Defender for Cloud, Defender for Endpoint, Defender for Identity, Azure Sentinel (SIEM), Log Analytics.
        • AWS: Amazon GuardDuty, AWS Security Hub, AWS Inspector, AWS CloudTrail, Amazon Detective, AWS Config, and Amazon OpenSearch for SIEM-like capabilities.
    • Compliance & Governance
        • Azure: Azure Policy, Azure Blueprints, Microsoft Purview Compliance Manager, Security Center recommendations.
        • AWS: AWS Config, AWS Organizations SCPs, AWS Audit Manager, AWS Artifact for compliance reports, AWS Control Tower for governance at scale.
    • Vulnerability & Patch Management
        • Azure: Microsoft Endpoint Manager (Intune), Azure Update Management, Defender for Endpoint vulnerability assessments.
        • AWS: AWS Systems Manager Patch Manager, AWS Inspector for vulnerability scanning, AWS Systems Manager State Manager for configuration compliance.
    • Incident Response & Recovery
        • Azure: Integration with SOC workflows, Azure Automation runbooks, Azure Backup, Azure Site Recovery.
        • AWS: AWS Systems Manager Automation for runbooks, AWS Backup, AWS Elastic Disaster Recovery (DRS), integration with third-party SIEM/SOAR tools.

Qualifications

    • 8+ years of IT security experience, with 5+ years in cloud security.
    • Proven expertise in cloud security architecture and operations.
    • Strong knowledge of cloud-native security services and third-party integrations.
    • Hands-on experience with cloud security tools such as Azure Sentinel, GuardDuty, and the Microsoft Defender suite.
    • Familiarity with security standards and frameworks (e.g., NIST, CIS, HIPAA, FedRAMP).
    • Strong leadership and communication skills to influence stakeholders and lead a team of cloud security engineers.
    • Relevant certifications preferred, such as: AZ-500 (Azure Security Engineer), SC-100 (Cybersecurity Architect Expert), CISSP, CISM, CCSP-Value Added, AWS Certified Security Specialty.