Posted 07 July, 2026
Cloud Security -Senior MGR
Diverse Lynx
Bangalore,Karnataka
Full Time
Reference: 365_569689_26-00980
Cloud Security Service
Purpose
Manage privileged identities for tenants and subscriptions and administer DLP controls.
Key Responsibilities
Required Skills
CyberArk (PAM), SailPoint (IGA), DLP administration, identity lifecycle, multi-cloud IAM.
Qualifications & Experience
Day-to-Day & Deliverables
Tools & Tech Stack
Lead the governance, strategy, and operations of cloud firewall platforms across multi-cloud environments to ensure secure network traffic control, policy standardization, and enterprise-wide protection.
Key Responsibilities
Design, implement, and optimize cloud firewall solutions, ensuring robust traffic control, policy enforcement, and secure cloud connectivity across environments.
Key Responsibilities
Support implementation, monitoring, and maintenance of cloud firewall controls to ensure secure network traffic and policy compliance across cloud environments.
Key Responsibilities
Drive detailed policy creation, testing, and optimization across Zscaler platforms, ensuring alignment with governance standards while supporting deployment oversight and advanced analytics.
Key Responsibilities
Zscaler ZIA / ZPA / ZCC, connector administration, policy governance, secure web / zero-trust access.
Qualifications & Experience
Lead the governance of Zscaler proxy policies (ZIA/ZPA/ZCC/ZTG) by defining, standardizing, and overseeing enterprise-wide policy design, testing, fine-tuning, and compliance. The role ensures IT-led deployments align with governance-approved policies, enterprise security baselines, and zero-trust objectives.
Key Responsibilities
Purpose
Design and build cloud network security controls to govern internet access securely.
Key Responsibilities
Required Skills
Cloud networking, software firewalls, VPN, secure connectivity design, multi-cloud network security.
Qualifications & Experience
Day-to-Day & Deliverables
Tools & Tech Stack
1. Identity
1.1 Identity Management Specialist
Purpose
Manage privileged identities for tenants and subscriptions and administer DLP controls.
Key Responsibilities
- Onboard privileged accounts and secrets to CyberArk and manage safe / vault structure.
- Manage privileged access across tenants and subscriptions; enforce least-privilege and just-in-time access.
- Configure SailPoint identity lifecycle, access certifications and provisioning workflows.
- Administer and monitor DLP policies, controls and alerts across the cloud estate.
Required Skills
CyberArk (PAM), SailPoint (IGA), DLP administration, identity lifecycle, multi-cloud IAM.
Qualifications & Experience
- Experience (by band) in IAM / PAM administration: PA/GenC 0-2 yrs; A 2-4 yrs; SA 4-8 yrs; SM/M 8-12 yrs.
- Hands-on CyberArk (PAM) and SailPoint (IGA) experience.
- Working knowledge of cloud IAM across Azure / AWS / GCP.
- Relevant certification preferred (CyberArk Defender, SailPoint, or cloud IAM).
Day-to-Day & Deliverables
- Process privileged-access onboarding and recertification requests.
- Monitor PAM session and DLP alerts and escalate as needed.
- Support access reviews and audit-evidence requests.
- Deliverables: onboarded privileged identities, access-certification campaigns, DLP enforcement, audit evidence.
Tools & Tech Stack
- CyberArk PAM, SailPoint IdentityIQ / IdentityNow, DLP platform (Microsoft Purview or equivalent), Entra ID / AWS IAM / GCP IAM, ServiceNow.
2. Network
2.1 Cloud Firewall Manager
PurposeLead the governance, strategy, and operations of cloud firewall platforms across multi-cloud environments to ensure secure network traffic control, policy standardization, and enterprise-wide protection.
Key Responsibilities
- Define cloud firewall strategy, architecture standards, and policy governance framework
- Ensure alignment with enterprise security architecture and zero-trust initiatives
- Own lifecycle of cloud firewall platforms (Azure Firewall, AWS Network Firewall, GCP NGFW, Palo Alto VM-Series)
- Drive platform scalability, performance optimization, and cost governance
- Oversee firewall rule lifecycle, policy standardization, and segmentation strategy
- Ensure consistency across multiple cloud environments
- Lead critical incident response involving firewall controls and traffic inspection issues
- Ensure 24x7 operational readiness and SLA adherence
- Manage firewall engineering team, drive capability development and skill uplift
- Define operating model, KPIs, and governance processes
- Act as primary interface with cloud, network, SOC, and application teams
- Provide executive-level reporting on firewall posture and risk exposure
- Experience
- 10-15 years in network/cloud security
- 5+ years in enterprise firewall management or cloud firewall platforms
- Experience managing large-scale, multi-cloud environments
- Technical Skills
- Deep expertise in Azure Firewall, AWS Network Firewall, GCP NGFW, Palo Alto NGFW VM-Series, and Panorama.
- Strong understanding of network segmentation, zero trust, traffic inspection, VPN, ExpressRoute, and Direct Connect.
- Certifications (Preferred)
- PCNSE / equivalent
- Cloud certifications such as AWS, Azure, or GCP Security / Architect
- CISSP / CCSP
2.2 Senior Cloud Firewall Engineer
PurposeDesign, implement, and optimize cloud firewall solutions, ensuring robust traffic control, policy enforcement, and secure cloud connectivity across environments.
Key Responsibilities
- Deploy and manage cloud-native firewalls and NGFW platforms
- Configure and optimize firewall policies and rule sets
- Implement rule changes, standardize policies, and ensure compliance
- Tune policies to balance security and performance
- Investigate blocked/allowed traffic and resolve connectivity issues
- Analyze logs and traffic flows for anomalies
- Support incident response and security investigations
- Collaborate with SOC teams on firewall-related alerts
- Implement IaC-based deployments (Terraform, ARM, CloudFormation)
- Integrate firewall logs with SIEM/SOAR systems
- Ensure firewall performance, availability, and scalability
- Perform capacity planning and health monitoring
- Experience
- 5-10 years in network security / firewall engineering
- Hands-on experience with multi-cloud firewall deployments
- Technical Skills
- Strong hands-on expertise in Azure Firewall, AWS Network Firewall, GCP NGFW, Palo Alto NGFW, and Panorama.
- Knowledge of routing, DNS, NAT, IPS / IDS, TLS inspection, hybrid cloud networking, and security.
- Certifications (Preferred)
- PCNSE / equivalent
- Azure / AWS networking or security certification
2.3 Cloud Firewall Engineer
PurposeSupport implementation, monitoring, and maintenance of cloud firewall controls to ensure secure network traffic and policy compliance across cloud environments.
Key Responsibilities
- Implement firewall rule changes and configurations
- Monitor firewall logs and alerts for anomalies
- Troubleshoot connectivity issues and assist in root cause analysis
- Validate traffic flows and access policies
- Ensure adherence to predefined firewall policies and standards
- Support periodic policy reviews and cleanup
- Support incident response and change management processes
- Maintain documentation and change records
- Assist in IaC deployments and basic scripting for automation
- Support integration with logging and monitoring tools
- Experience
- 2-5 years in network or cloud security
- Exposure to firewall technologies and cloud platforms
- Technical Skills
- Basic to intermediate knowledge of cloud firewalls across Azure, AWS, and GCP.
- Basic to intermediate knowledge of networking fundamentals such as TCP/IP, routing, NAT, and DNS.
- Familiarity with firewall rule configuration, monitoring, and Linux / Windows environments.
- Certifications (Preferred)
- Entry-level cloud certifications such as AWS, Azure, or GCP.
- Network / security certifications such as CCNA Security.
2.4 Zscaler Governance Specialist
PurposeDrive detailed policy creation, testing, and optimization across Zscaler platforms, ensuring alignment with governance standards while supporting deployment oversight and advanced analytics.
Key Responsibilities
- Govern Zscaler policy consistency across ZIA, ZPA and ZCC, including Cloud Boost / Trust Gateway scope.
- Implement security best practices for URL filtering, SSL inspection, and application access policies.
- Analyze and fine-tune Zscaler rules and categories to minimize false positives and optimize performance.
- Work closely with the Proxy Governance Leader to align operational actions with strategic direction.
- Monitor daily proxy traffic and alerts to detect anomalies or misconfigurations.
- Collaborate with SOC and Threat Intelligence teams to apply relevant threat feeds and indicators to proxy policies.
- Maintain and document configuration baselines, policy versions, and change logs.
- Identify gap regions where cloud-native controls must complement Zscaler and coordinate remediation.
- Maintain policy documentation and compliance evidence.
Zscaler ZIA / ZPA / ZCC, connector administration, policy governance, secure web / zero-trust access.
Qualifications & Experience
- Minimum of 5 to 10 years' experience in Zero Trust, Proxy, VPN, Firewall and DLP operations.
- Strong hands-on experience with Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA).
- Working knowledge of web proxy technologies, SSL inspection, and Zero Trust Network Access (ZTNA) models.
- Experience managing ZIA policy modules - URL filtering, Cloud Firewall, Bandwidth Control, and DLP.
- Experience with ZPA access policies, connectors, and app segmentation for private application access.
- Familiarity with Zscaler Client Connector (ZCC) and GRE/IPSec tunnel configurations.
- Understanding of Active Directory, Entra ID (Azure AD), and Okta authentication integration with Zscaler.
- Review and reconcile Zscaler policies across modules.
- Monitor connector health and remediate gaps.
- Support access and compliance reviews.
2.5 Zscaler Governance Manager
PurposeLead the governance of Zscaler proxy policies (ZIA/ZPA/ZCC/ZTG) by defining, standardizing, and overseeing enterprise-wide policy design, testing, fine-tuning, and compliance. The role ensures IT-led deployments align with governance-approved policies, enterprise security baselines, and zero-trust objectives.
Key Responsibilities
- Define enterprise proxy policy framework (URL filtering, SSL inspection, Cloud App Control, Client, App Profiles)
- Establish governance standards, baselines, and approval workflows for all Zscaler policies
- Own design, creation, and lifecycle management of all proxy policies
- Ensure policies are validated through testing, tuning, and impact assessments before IT deployment
- Maintain centralized policy repository, version control, and audit trail
- Provide governance approvals and oversight for policy deployment by IT teams
- Validate changes via CR process and track implementation against design intent
- Ensure no unauthorized bypass, exclusions, or deviations
- Drive continuous fine-tuning of policies to reduce false positives and improve user experience
- Lead initiatives such as SSL bypass removal, Client optimization, and baseline policy alignment
- Ensure proxy policies align with enterprise security frameworks and regulatory requirements
- Govern exceptions, bypass controls, and audit compliance
- Act as SME for Zscaler governance across Security, IT, Network, and Cloud teams
- Provide executive dashboards on policy coverage, bypass risks, and compliance posture
- 10-15 years in network/cloud security
- 5+ years in proxy/Zscaler governance roles
- Deep expertise in:
- ZIA policy modules (URL, SSL, Cloud App, DLP, Firewall, Cloud Connectors, ZTG)
- Client files, App Profiles, forwarding policies
- Strong governance, audit, and stakeholder management experience
- Certifications: Zscaler (ZCCP/ZCA), CISSP/CCSP preferred
3.6 Cloud Networking Specialist - Software Firewall / VPN
Purpose
Design and build cloud network security controls to govern internet access securely.
Key Responsibilities
- Design and build cloud network security controls for secure internet ingress / egress.
- Build out and configure software firewalls and VPN / secure-connectivity solutions.
- Run POCs and evaluate network security products.
- Assist with implementation, rollout and operational handover.
Required Skills
Cloud networking, software firewalls, VPN, secure connectivity design, multi-cloud network security.
Qualifications & Experience
- Experience (by band) in network security and cloud networking: PA/GenC 0-2 yrs; A 2-4 yrs; SA 4-8 yrs; SM/M 8-12 yrs.
- Hands-on with cloud-native networking and software firewalls / VPN.
- Knowledge of secure connectivity and segmentation design.
- Network / cloud security certification preferred (e.g., CCNP Security, PCNSE).
Day-to-Day & Deliverables
- Build and validate network security configurations.
- Support firewall / VPN change requests and rollouts.
- Troubleshoot connectivity and traffic-inspection issues.
- Deliverables: network security designs, deployed firewall / VPN configurations, POC evaluations.
4.3 Telemetry Sr Engineer / Engineer
Key Responsibilities - Log Source Onboarding:
- Independently onboard and validate new log sources, including infrastructure, cloud services, applications, and security tools.
- Collaborate with asset owners and platform teams to gather requirements and ensure seamless integration.
- Pipeline Architecture & Optimization
- Design, implement, and optimize scalable telemetry pipelines that ensure high performance, reliability, and maintainability across enterprise environments.
- Standardize onboarding processes, data flows, transformations, and pipeline configurations to increase consistency and reduce rework.
- Build, configure, and maintain robust Cribl pipelines for routing, filtering, enriching, and transforming telemetry data.
- Ensure pipelines are optimized for performance, scalability, and reliability.
- Data Normalization & Enrichment
- Develop and implement advanced parsing, metadata tagging, enrichment, and masking logic to standardize telemetry events across diverse formats and vendors.
- Apply normalization techniques to ensure consistent data quality for downstream analytics and SIEM platforms.
- Troubleshooting & Issue Resolution
- Proactively monitor telemetry pipelines for ingestion issues, latency, message drops, and anomalies.
- Diagnose and resolve pipeline errors, source connectivity problems, and data quality issues within defined SLAs.
- Qualifications & Experience
- 6+ years of hands-on experience in telemetry / log engineering, with deep expertise in Cribl Stream / Edge, Splunk, and cloud SIEM solutions, preferably XSIAM.
- Strong proficiency in automation and scripting, including Python, JavaScript, Regex, YAML, or similar languages.
- Proven experience designing and optimizing enterprise-scale telemetry pipelines and data integrations.
- Preferred certifications include Cribl Certified Admin / Cribl Certified Engineer and SIEM Engineer / Architect certifications.
-
4.4 Use Case Engineering
Key Responsibilities - Use Case Lifecycle Governance
- Own the end-to-end use case lifecycle from ideation, design, development, validation, deployment, tuning, and retirement.
- Maintain governance standards for use case prioritization, approval, documentation, and periodic review.
- Ensure each use case is traceable to business risk, threat scenarios, compliance drivers, or MITRE Telecommunication&CK techniques.
- Detection Engineering
- Design and develop advanced threat detection use cases across SIEM and analytics platforms.
- Translate threat intelligence, adversary behaviours, incident learnings, and control gaps into actionable detection logic.
- Develop scalable detection queries using SPL, KQL, XQL, or other applicable SIEM query languages.
- Validation, Testing & Tuning
- Create and maintain test plans to validate detection accuracy, coverage, and operational readiness.
- Continuously tune use cases based on false-positive trends, alert quality, SOC feedback, and incident outcomes.
- Support migration, regression testing, and tuning of use cases across SIEM or analytics platform changes.
- Threat Framework Alignment
- Map detection content to MITRE Telecommunication&CK, D3FEND, Cyber Kill Chain, and relevant threat-modelling methodologies.
- Identify detection gaps across tactics, techniques, procedures, log sources, and telemetry coverage.
- Recommend new or enhanced detections to address emerging cloud, identity, endpoint, and network threats.
- Cross-Team Collaboration & Reporting
- Collaborate with SOC analysts, threat intelligence, incident response, telemetry engineering, and platform teams to ensure operational fit.
- Align detection logic with SOAR playbooks, incident response procedures, and escalation workflows.
- Maintain use case documentation, coverage dashboards, tuning records, and performance metrics for leadership reporting.
- Qualifications & Experience
- 8+ years in cybersecurity with at least 4 years in security operations or detection engineering.
- Proven experience in utilizing /managing use case lifecycle frameworks.
- Strong understanding of SIEM platforms, log analytics, and detection engineering concepts.
- Familiarity with MITRE Telecommunication&CK, D3FEND, Cyber Kill Chain, Diamond Model, and Threat Modelling methodologies (e.g., STRIDE, PASTA).
- Experience in scripting (e.g., Python), query languages (e.g., SPL, KQL, XQL), and automation tooling is preferred.
- Industry certifications like CISSP, CISM, SIEM related certifications or MITRE Telecommunication&CK Defender are a plus
-
4.5 ASM Analyst - Cloud Infra
Key Responsibilities - Perform vulnerability scans and initial analysis of results to identify security weaknesses in target assets (servers and network devices).
- Generate and maintain vulnerability reports and operational dashboards for both technical and leadership consumption.
- Coordinate with IT and infrastructure teams to track remediation progress and validate closure of high/critical vulnerabilities.
- Validate adherence to CIS benchmark through periodic system reviews and compliance checks.
- Track and publish internal security advisories in response to emerging threats and vendor bulletins (e.g., CVEs, Zero-Day exploits).
- Act as the first point of contact for vulnerability management queries from application owners, infrastructure teams, and business units.
- Ensure timely escalation of unresolved issues or critical risk exposures to Level 2 analysts or management.
- Maintain updated documentation for vulnerability management workflows, tool usage, and reporting formats.
- Support automation of repeatable analysis and reporting tasks through scripting or security tool features (e.g., API queries, dashboards).
- Perform false positive analysis to validate scan results and eliminate noise from reporting and remediation pipelines.
- Conduct proof-of-exploit validation for identified critical vulnerabilities, where necessary, to assess true risk and support prioritization. [without impacting business]
- Qualifications & Experience
- Work Experience
- 1-6 years of experience in cybersecurity, preferably in vulnerability management.
- Certifications
- Relevant certifications such as CEH / CompTIA Security+ / Microsoft Security Engineer or Administrator and any VA tool vendor certification are preferred.
- Technical Skills
- Proficiency in industry-leading vulnerability management tools such as Qualys, Tenable, or Rapid7 is essential.
- Basic knowledge of system hardening standards and methods is preferred.
- Proficiency in Python and PowerShell scripting is beneficial.
- Familiarity with data analysis and visualization tools such as Power BI is advantageous.
- Analytical Skills
- Strong attention to detail and problem-solving abilities.
-
4.6 DFIR Analyst - Cyber Incident Response
Key Responsibilities - Execute cyber incident response activities, including triage, Analysis, containment, remediation, and recovery.
- Serve as a first responder for security incidents, escalating as needed.
- Collaborate with SOC, IT, ETAT and HR teams during incidents and investigations.
- Perform technical investigations, forensic analysis, log review, and incident response across various platforms.
- Ensure proper documentation, evidence collection, and chain-of-custody processes.
- Participate in post-incident reviews.
- Support developing incident response playbooks, and detection capabilities.
- Track and report incident response metrics and trends to leadership.
- Support process improvement initiatives for incident response and automation.
- Collaborate with engineering and operations to address systemic issues identified during investigations.
- Track lesson learned until closure
- Handle sensitive evidence with discretion and professionalism.
- Qualifications & Experience
- Education
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Experience
- 2-5 years of experience in cyber incident response, digital forensics, or threat hunting.
- Certifications
- GCFA - GIAC Certified Forensic Analyst.
- GCIH - GIAC Certified Incident Handler.
- GCIA - GIAC Certified Intrusion Analyst.
- CHFI - Computer Hacking Forensic Investigator.
- OSCP / OSCE - Offensive Security certifications.
- EnCE - EnCase Certified Examiner or equivalent certifications are preferred.
- CEH - Certified Ethical Hacker.
- Technical Skills
- Experience with forensic tools such as EnCase, FTK, and Volatility; SIEM platforms such as Splunk and QRadar; and EDR tools such as CrowdStrike and Palo Alto.
- Understanding of TCP/IP, network forensics, and intrusion analysis.
- Knowledge of threat intelligence frameworks such as MITRE Telecommunication&CK.
- Scripting skills in Python, PowerShell, or Bash are a plus.
- Analytical Skills
- Strong attention to detail and problem-solving abilities.
- Communication Skills
- Effective communication and reporting skills for technical and non-technical audiences.
Tools & Tech Stack
- Azure / AWS / GCP networking, Palo Alto / software firewalls, VPN / secure-access gateways, Terraform, packet / traffic-analysis tools.
4. Cloud Security Operations - IR / Monitoring / Vulnerability Mgmt.
4.1 SOC Monitoring - L1 Analyst
Key Responsibilities- Responsible for Triaging alerts, within defined SLA, triggered in SIEM to determine true positive, criticality and ownership
- Analyze true positive incidents and provide detailed analysis comments for respective support / business functions to take corrective / remedial / compensatory actions
- Responsible for following the Standard Operating Procedure for triaging and analysing alerts
- Responsible for handling requests specific to SOC alerts in timely manner.
- Responsible for generating pre-defined reports, updating report conclusions and sending them to relevant stakeholders
- Responsible for supporting L2 / SOC leadership in preparing Standard Operating Procedure for triaging alerts generated by the use cases
- Responsible for recommending updates to SOP / Use cases based on changed scenario / new learnings
- Experience: up to 3 years of experience in cybersecurity, preferably in threat detection and incident response
- Certifications: Relevant certifications such as Security+, CeH, CCNA, MS SE-200 etc.
- Technical Skills:
- Basic understanding of Networking, OSI model, Operating Systems, Web applications, databases.
- Scripting / Programming skills is added advantage
- Analytical Skills: Strong attention to detail and problem-solving abilities
- Communication Skills: Ability to explain technical risks to non-technical stakeholders and collaborate effectively with cross-functional teams
4.2 SOC Monitoring - L2 Analyst
Key Responsibilities- Security monitoring and handling of security incidents generated by SOC tools like SIEM, EDR, etc., and triaging them as per established processes and defined SLA.
- Day-to-day coordination and collaboration with other IT groups, Information Security teams, and business units to handle requests and security incidents.
- Assist with incident response and investigation activities.
- Analyze breaches to identify root cause.
- Contribute to incrementally improving core security controls.
- Provide inputs to monitor, manage, and tune core security controls.
- Develop and deliver required metrics and reports.
- Contribute to process and procedure documentation for core security controls.
- 3-5 years of experience in information technology preferred.
- 1-3 years of information security experience across two or more risk management domains, such as network security, host / endpoint security, data security, incident response, security monitoring, vulnerability management, or application security.
- Good knowledge of TCP/IP, networking concepts, ports and protocols, and OSI layers.
- Understanding of network security infrastructure and components such as firewalls, IPS, proxy, WAF, EDR, SIEM, antivirus, and DLP.
- Knowledge of SIEM and log management platforms to perform complex security analysis.
- Knowledge of SIEM tools such as Splunk, IBM QRadar, ArcSight, or LogRhythm is preferred.
- Knowledge of Digital Shadows and ServiceNow is preferred.
- Demonstrated experience with multiple security controls across multiple security domains.