Back to Jobs
Cloud Security Engineer
Actively Reviewing
Sonata Software
Job Description
About Sonata Software
Sonata Software, with over $1.2 Billion Revenue, is a leading AI-first Modernization Engineering company, powered by our unique Platformation TM framework. Our 6400+ AI Engineers are helping enterprises transform from systems to intelligent business platforms leveraging partner ecosystem to drive speed, efficiency and growth. Our bouquet of Modernization Engineering Services with AI -first approach cuts across Cloud, Data, AI, Dynamics, Test Automation, and Managed Services.
Sonata’s AI-led modernization is enabled by a powerful suite of proprietary tools and assets. At the core is the Harmoni.AI Enterprise Platform, which includes Agent Bridge -a governance and observability framework; Agent Builder -a development toolkit for fungible agents integrated into enterprise systems; and the Agent Marketplace -an internal ecosystem for modular, reusable agents.
Headquartered in Bengaluru, India, Sonata Software has a strong global presence, including key regions US, UK, India, Malaysia, Mexico, Australia, DACH (Germany/Switzerland) & Nordics (Finland). We are a trusted partner of Fortune 500 companies in Banking, Financial Services and Insurance; Healthcare and Lifesciences; Telecom, Media, and Technology; and Retail, Manufacturing and Distribution space.
Deep collaborations with partners like Microsoft, AWS, Salesforce, and Snowflake strengthen our ability to deliver cutting-edge AI solutions. Our 30+years of partnership with Microsoft, and being part of the elite Microsoft Inner Circle, places us among the top 1% of global Microsoft partners. Sonata is now among the first companies to earn the Microsoft Frontier Partner Badge Also; Sonata Software is proud to achieve AWS Premier Tier Status in the AWS Partner Network.
Job Title- Cloud Security Engineer
Location- Noida/Bangalore
Experience : 7+years
Mandatory skills : CIS, CCM, CSPM/CNAPP.
Job Description
We are seeking a skilled and passionate Cloud Security Operations Engineer to join our dynamic Information Security team. In this role, you will be responsible for designing, implementing, and maintaining robust security controls across our public cloud environments, including AWS, Azure, and GCP. As a hands-on technical expert, you will play a crucial role in enhancing our cloud security posture, with a primary focus on data protection and incident management. This position offers the opportunity to work in a collaborative environment, where you will contribute to the security and resilience of our cloud infrastructure
Job Responsibilities
Technical Expertise
Why join Sonata Software?
At Sonata, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build never seen before solutions to some of the world’s toughest problems. You´ll be challenged, but you will not be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
Sonata Software is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity, age, religion, disability, sexual orientation, veteran status, marital status, or any other characteristics protected by law.
Sonata Software, with over $1.2 Billion Revenue, is a leading AI-first Modernization Engineering company, powered by our unique Platformation TM framework. Our 6400+ AI Engineers are helping enterprises transform from systems to intelligent business platforms leveraging partner ecosystem to drive speed, efficiency and growth. Our bouquet of Modernization Engineering Services with AI -first approach cuts across Cloud, Data, AI, Dynamics, Test Automation, and Managed Services.
Sonata’s AI-led modernization is enabled by a powerful suite of proprietary tools and assets. At the core is the Harmoni.AI Enterprise Platform, which includes Agent Bridge -a governance and observability framework; Agent Builder -a development toolkit for fungible agents integrated into enterprise systems; and the Agent Marketplace -an internal ecosystem for modular, reusable agents.
Headquartered in Bengaluru, India, Sonata Software has a strong global presence, including key regions US, UK, India, Malaysia, Mexico, Australia, DACH (Germany/Switzerland) & Nordics (Finland). We are a trusted partner of Fortune 500 companies in Banking, Financial Services and Insurance; Healthcare and Lifesciences; Telecom, Media, and Technology; and Retail, Manufacturing and Distribution space.
Deep collaborations with partners like Microsoft, AWS, Salesforce, and Snowflake strengthen our ability to deliver cutting-edge AI solutions. Our 30+years of partnership with Microsoft, and being part of the elite Microsoft Inner Circle, places us among the top 1% of global Microsoft partners. Sonata is now among the first companies to earn the Microsoft Frontier Partner Badge Also; Sonata Software is proud to achieve AWS Premier Tier Status in the AWS Partner Network.
Job Title- Cloud Security Engineer
Location- Noida/Bangalore
Experience : 7+years
Mandatory skills : CIS, CCM, CSPM/CNAPP.
Job Description
We are seeking a skilled and passionate Cloud Security Operations Engineer to join our dynamic Information Security team. In this role, you will be responsible for designing, implementing, and maintaining robust security controls across our public cloud environments, including AWS, Azure, and GCP. As a hands-on technical expert, you will play a crucial role in enhancing our cloud security posture, with a primary focus on data protection and incident management. This position offers the opportunity to work in a collaborative environment, where you will contribute to the security and resilience of our cloud infrastructure
Job Responsibilities
- Secure Architecture and Engineering
- Design and deploy secure reference architectures across multi-cloud environments.
- Integrate security into Infrastructure-as-Code (IaC) using tools like Terraform, CloudFormation, and ARM Templates.
- Implement cloud-native security controls: VPCs, WAFs, DDoS, and endpoint protections.
- Ensure data protection via encryption, KMS/HSM, and DLP policies.
- Identity and Access Management (IAM)
- Design, implement, and audit IAM policies, roles, service accounts, and federation models using least-privilege principles.
- Configure MFA, SSO, and PAM solutions for secure cloud access.
- Monitoring, Detection, and Response
- Configure and maintain cloud-native security tools (e.g., AWS Security Hub, Microsoft Defender for Cloud, Google Security Command Center).
- Integrate cloud logs with SIEM systems for threat detection.
- Lead incident response efforts for cloud-related security events.
- Continuously monitor cloud environments using CSPM, CNAPP, and cloud-native security tools to identify, prioritize, and remediate security misconfigurations and policy violations.
- Track and manage cloud security findings through remediation workflows.
- Partner with Cloud Platform, Infrastructure, and Application teams to coordinate remediation of identified security risks and vulnerabilities.
- Conduct root cause analysis of recurring cloud security issues and recommend preventive controls and automation improvements.
- Cloud Data Loss Prevention (DLP) Management
- DLP Alert Triage and Investigation: Monitor, triage, and investigate all DLP alerts and events. Differentiate between policy violations, potential insider threats, and false positives, escalating confirmed incidents to the Incident Response team.
- Tool Optimization and Tuning: Serve as the subject matter expert (SME) for Cloud DLP tools (e.g., Microsoft Purview, Google DLP, dedicated CASB solutions). Continuously tune policies and rulesets to minimize alert fatigue while maintaining high fidelity.
- Reporting and Compliance: Generate regular reports on DLP effectiveness, policy violations, and risk trends for leadership and compliance/audit teams (e.g., SOC 2, HIPAA, GDPR).
- Data Classification Integration: Collaborate with Governance, Risk, and Compliance (GRC) teams to ensure DLP policies align with the corporate data classification framework.
- Automation and DevSecOps
- Develop automation scripts (Python, PowerShell, Bash) and serverless functions (AWS Lambda, Azure Functions, Google Cloud Run).
- Cloud Security Posture Management & Compliance
- Continuously assess AWS, Azure, and GCP environments using CSPM platforms to identify misconfigurations, excessive permissions, exposed resources, compliance gaps, and other security risks.
- Develop, maintain, and enforce cloud security baselines aligned with industry standards, regulatory requirements, and organizational security policies.
- Perform periodic cloud security assessments and audits using CIS Benchmarks, CSA Cloud Controls Matrix (CCM), NIST, and internal security standards.
- Drive remediation of findings identified through CSPM monitoring, security assessments, audits, compliance reviews, and risk assessments.
- Support internal and external audits by providing cloud security evidence, compliance reporting, and remediation status updates.
- Secure Access and Network Security Controls
- Enforce secure access patterns by eliminating unnecessary public exposure and implementing private endpoints, bastion hosts, AWS Systems Manager Session Manager, and least-privilege network segmentation.
- Enforce private connectivity architectures by leveraging:
- AWS PrivateLink
- Azure Private Endpoints
- Google Private Service Connect
- Eliminate unnecessary public exposure of cloud workloads, services, and management interfaces.
- Design and maintain least-privilege network segmentation and cloud-native firewall controls across multi-cloud environments.
- Cloud Workload Security and Hardening
- Establish and maintain secure cloud operating system baselines using CIS Benchmarks and vendor-recommended hardening standards.
- Perform periodic reviews and validation of operating system, virtual machine, and container security configurations.
- Collaborate with Infrastructure and Platform teams to implement hardened images and golden image standards.
- Monitor and remediate deviations from approved OS hardening baselines.
Technical Expertise
- Deep knowledge of at least one cloud platform (AWS, Azure, or GCP).
- Proficiency in scripting: Python (preferred), PowerShell, Unix shell scripting.
- Strong understanding of networking and cloud-native network security.
- Experience with CSPM/CNAPP platforms such as CloudGuard Dome9, Wiz, Prisma Cloud, Microsoft Defender for Cloud, or similar solutions.
- Strong knowledge of CIS Benchmarks, CSA Cloud Controls Matrix (CCM), NIST, and industry cloud security best practices.
- Familiarity with securing OS and containerized environments (Docker, Kubernetes).
- Experience implementing secure cloud network architectures, private endpoints, bastion access patterns, and zero-trust security principles.
- Experience supporting cloud compliance, audit readiness, and regulatory assessments.
Why join Sonata Software?
At Sonata, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build never seen before solutions to some of the world’s toughest problems. You´ll be challenged, but you will not be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
Sonata Software is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity, age, religion, disability, sexual orientation, veteran status, marital status, or any other characteristics protected by law.
Required Skills
Similar Jobs
View all →
Cybersecurity Engineer - Privileged Access Management
Moody's Corporation
Bengaluru
REST API
Event-driven architecture
OAuth 2.0
+14
DE-Platform Engineer Senior - VG-F02
EY
Hyderabad
Red Hat
Root Cause Analysis
Adobe Illustrator
+27
Cloud Solutions Analyst- Hyderabad
Deloitte
Hyderabad
Machine Learning
Red Hat
Adobe Illustrator
+14
Cloud Security & DevOps Expert
Network Intelligence
Mumbai
Security Compliance
ISO 27001
Adobe Illustrator
+12
Senior Technical Support Engineer
NiCE
Pune
REST API
Adobe Illustrator
Root Cause Analysis
+17
Similar Jobs
View all →
Cybersecurity Engineer - Privileged Access Management
Moody's Corporation
Bengaluru
DE-Platform Engineer Senior - VG-F02
EY
Hyderabad
Cloud Solutions Analyst- Hyderabad
Deloitte
Hyderabad
Cloud Security & DevOps Expert
Network Intelligence
Mumbai
Senior Technical Support Engineer
NiCE
PuneShare
Quick Apply
Upload your resume to apply for this position
–