Senior Cloud SecOps- Head Office, Gurugram

Overview

Lead vulnerability management, DevSecOps, and cloud security initiatives.

Key Responsibilities

• vulnerability management
• secure sdlc
• cloud security
• devsecops
• risk prioritization
• client liaison

Tasks

We are looking for a candidate to lead end-to-end vulnerability management initiatives, implementing DevSecOps practices, and securing cloud-native applications. The role involves proactive engagement with clients and internal teams to strengthen security posture across applications, infrastructure, and CI/CD pipelines, ensuring alignment with organizational security policies and compliance standards. -Liaise with clients, stakeholders, and internal teams to align security strategies with business objectives. -Maintain oversight of the end-to-end vulnerability management process, ensuring timely resolution and continuous improvement. -Create and maintain accurate project and technical documentation. -Evaluate and secure client software development practices by integrating security controls into the SDLC and CI/CD pipelines (“shift-left” approach). -Integrate, configure, and manage secure public cloud services (AWS, Azure, or GCP). -Collaborate with the Cloud SecOps team to strengthen cloud-native application security. -Monitor vulnerabilities (including analysis of CERT advisories) and propose effective remediation plans, considering business impact and technical exposure. -Implement, enhance, and maintain DevSecOps practices across development and operations teams. -Determine the real impact of vulnerabilities and ensure risk-based prioritization. -Lead vulnerability scanning, analysis, prioritization, and remediation efforts across diverse environments.

Requirements

• python
• shell scripting
• docker
• kubernetes
• qualys
• sast

What You Bring

-Proficiency in Python and Shell scripting (experience in additional languages is a plus). -Familiarity with vulnerability scanning tools such as Qualys, Prisma Cloud, or equivalent. -Working knowledge of DevSecOps tools such as SAST, SCA, Snyk, or Checkmarx. -Hands-on experience with Docker and Kubernetes. -Experience in implementing secure SDLC and build processes. -Minimum 4 years of professional experience in cybersecurity, vulnerability management, or DevSecOps. -Strong understanding of CVE analysis and ability to communicate vulnerabilities to both technical and non-technical audiences. -Practical experience with at least one major cloud platform (AWS, Azure, or GCP).

People Also Searched For

About Suez

-Tracing its roots over 160 years, the company has evolved into a global force in water treatment and waste management. -It operates in 40 countries. -The firm designs, builds and operates thousands of treatment plants—serving over a billion people worldwide. -Its Engineering & Construction arm delivers turnkey water and waste recycling facilities using flagship technologies. -The consulting division supports cities and industries with infrastructure planning, resilience, and water‑cycle expertise. -Its R&D hubs—across Europe and Asia—hold over 1,800 patents and pioneer innovations like wastewater heat recovery.

Sector Specialisms