Match score not available

Cloud Security Engineer II

unlimited holidays - extra parental leave - fully flexible
Remote: 
Hybrid
Contract: 
Experience: 
Senior (5-10 years)
Work from: 
Bengaluru (IN)

Offer summary

Qualifications:

4-6 years in cloud security, Experience in GCP Cloud Security tools, Knowledge of cybersecurity frameworks, Strong threat intelligence and analysis skills, Certifications like CISSP or CEH are a plus.

Key responsabilities:

  • Implement cyber threat management strategies
  • Conduct vulnerability assessments and monitoring
  • Manage incident response workflows and compliance
  • Monitor emerging threats in the cloud environment
  • Conduct training and support during incidents
Narvar logo
Narvar Computer Software / SaaS Startup https://corp.narvar.com/
201 - 500 Employees
HQ: San Mateo
See more Narvar offers

Job description

Narvar is growing! The Cyber Defense team is at the forefront of protecting the organization’s critical infrastructure and data from cyber threats. This dynamic and highly skilled team is responsible for threat detection, incident response, and continuous improvement of security posture. Working closely with other departments; majorly with DevOps, the Cyber Defense team ensures a secure environment across all cloud operations, specializing in GCP Cloud Security. We are committed to staying ahead of the latest threats and vulnerabilities, leveraging cutting-edge tools and frameworks to safeguard the organization’s assets and reputation.

Narvar is seeking a skilled cybersecurity professional to join our Cyber Defense vertical, specializing in GCP Cloud Security. In this role, you will be responsible for protecting our cloud infrastructure from evolving cyber threats, ensuring the implementation of robust security practices, and responding to incidents with speed and precision. You'll advise on cyber threat management, conduct proactive threat hunting, and develop incident response strategies, while ensuring adherence to security standards and frameworks like ISO 27001, SOC2, and PCI. This is a hands-on technical role that requires deep knowledge of cloud security tools, threat detection tools like WAF, Cloud Armour, EDR/XDR, SIEM-Wazuh, and response in GCP environments.

Day-to-day

  • Advise and implement cyber threat management, threat hunting, cyber intelligence, attack surface management, and digital risk management for GCP.
  • Conduct cyber risk and vulnerability assessments, with an emphasis on proactive threat detection.
  • Evaluate, implement, and maintain cybersecurity policies, procedures, and standards for cloud environments.
  • Monitor, detect, and respond to security incidents in GCP using tools like WAF, XDR/EDR, CSPM, and SIEM (Wazuh).
  • Monitor and analyze API requests to load balancers (LBs) and API defenders, identifying and mitigating any security risks.
  • Develop, standardize, and automate incident response functions and workflows, enhancing playbooks for efficiency.
  • Manage and coordinate cybersecurity programs, ensuring compliance with frameworks such as ISO 27001, SOC2, and PCI.
  • Lead post-incident analysis to identify root causes and implement corrective actions.
  • Conduct security awareness training, build incident response plans, and provide real-time support during security events.
  • Continuously monitor the cloud environment for emerging threats and vulnerabilities, taking proactive steps to remediate them.
  • Provide input on the development of security and compliance controls, ensuring vulnerabilities are closed and risks are mitigated.
  • Conduct manual validation to confirm that vulnerabilities have been successfully addressed.

 What we are looking for

  • At least 4-6 years of working experience in domains related to cloud security
  • Proven hands-on experience with GCP Cloud Security and related tools (Cloud Defenders, WAF, XDR/EDR, CSPM, and SIEM).
  • Expertise in creating detection logic, monitoring alerts, and responding to security incidents in a cloud environment.
  • Strong understanding of monitoring and securing API requests to load balancers and API defenders.
  • Solid understanding of cybersecurity frameworks, including ISO 27001, SOC2, and PCI.
  • Ability to execute incident response functions, develop incident reports, and perform post-incident analysis.
  • Strong knowledge of threat intelligence, threat hunting, and vulnerability assessment methodologies.
  • Experience automating and optimizing security workflows and processes.
  • Familiarity with cybersecurity program management and compliance with industry standards.
  • Excellent communication skills, with the ability to coordinate across teams during incidents.
  • Relevant certifications (e.g., GCP Cloud Security, CISSP, CEH) are a plus.
Why Narvar?

We're on a mission to simplify the everyday lives of consumers. Post-purchase is a critical phase of the customer journey. That's why we created Narvar - a platform focused on driving customer loyalty through seamless post-purchase experiences that allow retailers to retain, engage, and delight customers. If you've ever bought something online, there's a good chance you've used our platform!

From the hottest new direct-to-consumer companies to retail’s most renowned brands, Narvar works with GameStop, Neiman Marcus, Sonos, Nike, and 1300+ other brands. With hubs in San Francisco, Atlanta, London, and Bangalore, we've served over 125 million consumers worldwide across 10+ billion interactions, 38 countries, and 55 languages.

Pioneering the post-purchase movement means navigating into the unknown. Our team thrives on this sense of adventure while nurturing a mindset of innovation. We're a home for big hearts and we leave our egos at the door. We work hard but we always make time to celebrate professional wins, baby showers, birthday parties, and everything in between.

We are an equal-opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-SA1

#LI-Hybrid

Please read our Privacy Policy to learn what personal information we collect in connection with your job application, and how we may use and share it. 

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Computer Software / SaaS
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Team Management
  • Verbal Communication Skills

Cloud Security Engineer Related jobs