Cloud Engineer

Cloud Engineer

Company: Compliance Foundry | Comperis Cybersecurity | Fixpliance AI

Location: Vadodara, Gujarat, India (In-Office Required)

Employment Type: Full-Time

Level: IC4 - Mid-Level Individual Contributor (DevOps/SRE)

About Us

Compliance Foundry, Comperis Cybersecurity, and Fixpliance AI form a unified group delivering Managed Compliance as a Service and Security Engineering as a Service to SMBs across fintech, healthcare, and SaaS. We help international clients build and maintain security postures through expert engineering, compliance frameworks, and our proprietary FixplianceAI platform.

We are a lean, founder-led organization where technical talent works directly with the CEO and engages with international clients daily. This is not a back-office role - it is a delivery-oriented position at the intersection of cloud infrastructure, security operations, and managed services.

About Vadodara, Gujarat

Vadodara, often called the "Cultural City of India (Sanskrutik nagri)," is a historic center of learning and arts located in Gujarat. Home to several leading universities and educational institutions, the city offers a vibrant, diverse, and metropolitan community alongside a strong reputation for safety, cultural heritage, and low crime rates. With a significantly lower cost of living than major Indian metros, the city offers an excellent quality of life and is home to major companies such as Mastercard, Larsen & Toubro, and Tata Advanced Systems. The city's strategic location provides seamless connectivity via Vadodara Airport (flights to major Indian and international hubs) and Central Railway Station (direct rail access to Delhi, Mumbai, Bangalore, and other key business centers).

The Role

We are hiring a Cloud Engineer on the DevOps/SRE track to serve as the primary technical point of contact for our international managed services clients.

This role is 80% client-facing and 20% internal, requiring a practitioner who can independently assess, architect, implement, and operate security infrastructure across multi-cloud and hybrid environments.

You will lead client engagements end-to-end: from initial security assessments and proposal development through implementation, ongoing operations, and SLA delivery. You will report directly to the Technical Founder and CEO, participate in engagement strategy, and collaborate with compliance engineering and product teams.

What You'll Do

Client Engagement and Delivery (80%)

• Serve as the primary technical contact for assigned international clients across fintech, healthcare, and SaaS.
• Conduct security posture assessments spanning AWS, Azure, GCP, and hybrid/on-premises infrastructure.
• Design and implement security architecture improvements aligned with each client's risk profile, regulatory requirements, and business constraints.
• Lead technical meetings, deliver architecture presentations, and communicate complex security concepts to technical and non-technical stakeholders.
• Author technical proposals, RFP/RFI responses, and architecture documentation.
• Manage SLA commitments, track delivery milestones, and drive client satisfaction.

Security Engineering and Operations

• Implement and manage cloud security controls across AWS, Azure, and GCP (Security Hub, GuardDuty, Defender/Sentinel, Security Command Center).
• Deploy and operate CSPM tooling (Prowler, Wiz, ScoutSuite) for continuous cloud security monitoring.
• Configure network security infrastructure: firewalls (pfSense, Fortinet, Palo Alto), Zero Trust solutions (WireGuard, Tailscale, Cloudflare Access), and IDS/IPS systems.
• Manage endpoint security platforms, including EDR solutions (CrowdStrike, SentinelOne, Microsoft Defender for Endpoint) and host-based monitoring (osquery).
• Administer identity and access management systems: SSO/SAML/OIDC, privileged access management (HashiCorp Vault, CyberArk), and directory services (Azure AD, Okta).
• Operate SIEM platforms (Splunk, Elastic SIEM, Wazuh, Datadog Security) for threat detection, log analysis, and alerting.
• Execute vulnerability management programs using Nessus, Qualys, OpenVAS, Trivy, and Snyk.
• Build and maintain Infrastructure as Code using Terraform, Ansible, CloudFormation, or Pulumi.
• Secure containerized environments and Kubernetes clusters (Docker, Kubernetes, Falco, kube-bench, Aqua Security).
• Integrate security into CI/CD pipelines (GitHub Actions, GitLab CI, SAST/DAST tooling).
• Implement email security controls (SPF/DKIM/DMARC) and email gateway configurations.
• Manage data security controls: encryption, DLP solutions, and key management services.
• Develop incident response playbooks, forensic investigation procedures, and chain of custody documentation.
• Design backup and disaster recovery strategies, including RPO/RTO planning.

Internal Collaboration (20%)

• Collaborate with compliance engineering teams on evidence collection and audit preparation.
• Provide product feedback based on field experience with FixplianceAI and client needs.
• Contribute to the creation of runbooks and internal knowledge base documentation.
• Participate in Agile ceremonies and sprint planning.

What We're Looking For

Technical Competencies

You must demonstrate hands-on proficiency across all of these security engineering domains. You are not expected to be expert-level in every tool, but you must show working knowledge across the full spectrum and deep expertise in a meaningful subset.

• Cloud Security: Multi-cloud architecture (AWS, Azure, GCP, hybrid/on-premises), native cloud security services, and CSPM tooling.
• Network Security: Firewalls, VPN, Zero Trust solutions, and IDS/IPS systems.
• Endpoint Security: EDR platforms, MDM, and host-based monitoring.
• Identity and Access Management: SSO/SAML/OIDC, privileged access management, and directory services.
• SIEM and Security Monitoring: Log aggregation, correlation, alerting, and threat detection platforms.
• Vulnerability Management: Cloud and container scanning, dependency analysis.
• Infrastructure as Code: Terraform, Ansible, CloudFormation, or equivalent.
• Container and Kubernetes Security: Docker, Kubernetes orchestration, and runtime security tools.
• DevSecOps and CI/CD Security: Security integration into pipelines, SAST/DAST tooling.
• Email and Data Security: SPF/DKIM/DMARC, encryption, DLP, key management.
• Incident Response and Forensics: Playbook development, forensic investigation, and chain of custody.
• Backup and Disaster Recovery: RPO/RTO planning and implementation.

Soft Skills and Project Management

• Native English fluency (written and spoken). This is a client-facing role; communication quality is non-negotiable.
• Proven ability to lead technical meetings, deliver presentations, and manage client relationships professionally.
• Experience authoring technical proposals and architecture documentation.
• Proficiency with Agile/Scrum methodologies.
• Experience with client project planning and SLA management.
• Comfort operating in fast-moving startup environments where processes are built from scratch.
• Self-starter mentality: operate independently, prioritize competing demands, and drive work to completion.
• Willingness to own work beyond narrowly defined boundaries.

AI Proficiency

• Demonstrated proficiency in leveraging AI/LLM tools for productivity and engineering workflows. AI is a core force multiplier in our delivery model, not optional.

Nice to Have

• Working knowledge of compliance frameworks: ISO 27001, SOC 2, GDPR, HIPAA.
• Cloud architecture certifications (AWS Solutions Architect, Azure Solutions Architect, GCP Professional Cloud Architect).
• Cloud security certifications (AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer).
• Industry certifications: CISSP, CISM, CEH, OSCP, or equivalent.

Why Join Us

International Client Exposure

Work with SMBs across fintech, healthcare, and SaaS verticals in international markets. Build a portfolio of cross-industry, cross-geography security engineering experience that is rare at the IC4/IC5 stage.

Direct Impact and CEO Access

Report directly to the Technical Founder and CEO. Participate in engagement strategy, business development, and organizational decision-making from day one. Your contributions directly shape the company's service delivery model, technical standards, and client relationships.

Startup Impact

Join at a stage where infrastructure, processes, and technical standards are being built. Your influence on how we scale is meaningful.

Working Hours

2:00 PM 11:00 PM IST, MondayFriday, with occasional weekend windows for scheduled system downtime and infrastructure rearchitecture.

The Application Process

The initial screening includes a take-home assignment that requires the use of an AI tool. This is intentional and reflects our operating model: we evaluate how effectively you leverage AI as a force multiplier, not whether you can solve problems without it.

Equal Opportunity

Compliance Foundry | Comperis Cybersecurity | Fixpliance AI is an equal opportunity employer. We evaluate candidates based on merit, qualifications, and business needs.