Cloud Container - Build & Engineering - OpenShift
Responsibilities:
- Manage CNAPP (Cortex/Prisma/Wiz) platform configurations and challenges daily, triaging the associated identity risks and alerts, and driving remediation with engineering teams. Investigate and correlate security signals across multi-cloud environments (AWS, GCP, Azure, OpenShift) to identify high-risk exposures and prioritize actions based on business impact and exploitability.
- Work closely with PaC (policy-as-code) and guardrails (OPA, Sentinel, native cloud policies) teams to enforce secure-by-default configurations across cloud platforms for the CNAPP findings.
- Contribute to proof-of-concept efforts by evaluating new CNAPP features, cloud security tools, and container security capabilities, and recommending scalable adoption strategies. Document solutions, patterns, and learnings through runbooks, architecture decision records (ADRs), and knowledge-sharing sessions to enable broader team adoption.
- Act as a go-to technical resource, supporting application teams in designing secure cloud-native architectures and troubleshooting security-related issues.
- Work closely with Cloud Engineering and DevOps teams to embed security controls into CI/CD pipelines, ensuring shift-left security and continuous compliance.
- Support onboarding of new cloud accounts, Kubernetes clusters, and services into CNAPP by configuring data ingestion, identity mapping, and policy enforcement.
- Analyze cloud usage patterns and integrate with DSPM capabilities to identify sensitive data, validate access controls, and reduce data exposure risks.
- Collaborate with SIEM/SOAR and observability teams to integrate CNAPP signals into detection and response workflows, improving visibility and incident response time.
- Participate in incident triage and root cause analysis, contributing to remediation strategies and continuous improvement of detection and response playbooks.
- Experience in evaluating, onboarding, and optimizing CNAPP tools (Palo Alto Cortex, Wiz, or similar), ensuring full integration across cloud accounts, Kubernetes environments, and CI/CD pipelines.
Minimum Qualifications
- 3+ years of experience in cloud security engineering across AWS, GCP, and/or Azure, with exposure to hybrid or private cloud environments (e.g., OpenShift).
- Experience in leading the design, hands-on implementation, and scaling of CNAPP capabilities (e.g., Palo Cortex) across multi-cloud environments including AWS, Azure, GCP, and OpenShift-based private cloud.
- Strong understanding of, and experience enabling end-to-end:
  - CSPM, CWPP, CIEM, container security, and runtime protection posture management
  - Cloud misconfiguration management and remediation automation
- Experience securing Kubernetes/OpenShift environments, including container security, workload isolation, and policy enforcement.
- Defining and developing policy-as-code frameworks (e.g., OPA, Sentinel) and Infrastructure-as-Code tools (e.g., Terraform).
- Analysing and prioritizing security risks across cloud environments, correlating misconfigurations, vulnerabilities, identity risks, and runtime threats by leveraging XQL and automation playbooks to drive effective remediation strategies.
- Experience in integrating Palo Cortex with on-prem capabilities such as SIEM/SOAR and observability platforms for continuous monitoring and threat detection with CNAPP signals.
Preferred Qualifications
- Knowledge of cloud security frameworks and benchmarks such as CIS Benchmarks, NIST, and Cloud Controls Matrix (CCM).
- Understanding of the network security, identity, and data protection domains and their technical implementation frameworks across cloud platforms.
- Experience in developing and maintaining cloud security reference architectures, detection patterns, and response playbooks aligned with enterprise governance and regulatory requirements.
- Strong analytical and problem-solving skills, with the ability to prioritize risks based on impact and exploitability.
- Experience working in Agile environments, collaborating across engineering, platform, and security teams.