[Hiring] Cloud Security Engineer @Zensar

Role Description

We are seeking a highly skilled Cloud Security Engineer to design, implement, and maintain robust security controls for AWS cloud environments. This role is critical in securing the migration of banking infrastructure from on-premises data centers to AWS, ensuring compliance with financial regulations, data protection standards, and industry best practices.

The candidate must have deep expertise in AWS security services, cloud security posture management, and data protection strategies within highly regulated environments such as banking or financial services.

Key Responsibilities

• Cloud Security Architecture & Migration
  • Implement and secure AWS architectures for migrating on-premises banking workloads.
  • Perform threat modeling and risk assessments for migration strategies (rehost, replatform, refactor).
  • Define secure landing zones using AWS best practices (multi-account strategy, segmentation).
  • Ensure secure connectivity (VPN, Direct Connect) between on-prem and AWS environments.
  • Collaborate with infrastructure and DevOps teams to embed security into migration pipelines.
• AWS Cloud Security Controls
  • Implement and manage AWS-native security services, including:
    • Identity & Access Management (IAM) with least privilege access
    • AWS Organizations and Service Control Policies (SCPs)
    • AWS Key Management Service (KMS) for encryption
    • AWS CloudTrail, CloudWatch, GuardDuty, Security Hub
  • Establish strong access control mechanisms (RBAC/ABAC, MFA enforcement).
  • Harden compute, storage, and network layers (EC2, S3, RDS, VPC).
  • Experience in banking/financial services or other regulated industries.
  • Strong understanding of:
    • Data protection and privacy regulations
    • Secure migration strategies and risks
  • Ensure adherence to banking and financial regulatory requirements.
  • Work closely with GRC teams to align cloud security with enterprise policies.
• Data Security & Protection
  • Design and enforce data protection strategies for sensitive banking data:
    • Encryption at rest and in transit
    • Tokenization, masking, and anonymization
  • Implement secure key lifecycle management and HSM integration if required.
  • Define data classification and data loss prevention (DLP) controls.
• Cloud Security Posture Management (CSPM)
  • Implement and manage CSPM tools (e.g., AWS Security Hub, Prisma Cloud, Wiz, Orca).
  • Continuously monitor for misconfigurations, vulnerabilities, and compliance gaps.
  • Automate remediation using Infrastructure as Code (IaC) and security tooling.
• Automation
  • Integrate security into CI/CD pipelines (SAST, DAST, dependency scanning).
  • Define guardrails using Infrastructure as Code (Terraform, CloudFormation).
  • Automate security checks and policy enforcement (e.g., using AWS Config rules).
  • Enable secure secrets management (AWS Secrets Manager, Parameter Store).

Qualifications

• Strong hands-on experience with AWS cloud security services.
• Deep understanding of:
  • IAM, VPC security, encryption, network segmentation
  • Cloud-native logging and monitoring
• Experience with CSPM and vulnerability management tools.
• Familiarity with hybrid cloud environments (on-prem + AWS).
• Proficiency in scripting (Python, Bash) and IaC (Terraform/CloudFormation).
• Strong analytical and problem-solving skills.
• Ability to work cross-functionally with infrastructure, DevOps, and compliance teams.
• Excellent communication skills for technical and non-technical stakeholders.

Preferred Qualifications

• AWS Certifications (e.g., AWS Certified Security – Specialty).
• Experience with zero trust architecture and micro-segmentation.
• Exposure to container and Kubernetes security (EKS).
• Knowledge of SIEM/SOAR platforms.

Company Description

At Zensar, we’re “experience-led everything”. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures. Whether for our clients, our people, or the world around us, this belief powers everything we do.

At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus.

Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City.

We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace.