Engineer, Security Operations I

Cloud Security Engineer - SecOps

 About Toyota Connected

 Ifyouwanttochangethewaytheworldworks,transformtheautomotiveindustry,andpositively impact others on a global scale, then Toyota Connected is the right place for you! Within our collaborative, fast-paced environment we focus on continual improvement and work in a highly iterative way to deliver exceptional value in the form of connected products and services that wow and delight our customers and the world aroundus.

About the Team 

The Toyota Connected Information Security program identifies and addresses the cyber security and privacy challenges across our products and operations, delivering layered security controls, and mitigating critical threat vectors. Toyota Connected India is hiring talented Cloud Security Engineer at Chennai to use Cloud-native applications and other cutting-edge technologies to implement a secure infrastructure and manage all aspects of Cloud Security. SecOps team is responsible to provide data protection, configure cloud security defenses, collect and analyze Platform logs, cloud identity management, access control and container security for our mobility, safety, and convenience services and ensures the overall security of internal systems and critical internal data protection.

Job Description

Toyota Connected India is looking for talented Cloud Security Engineer who will develop and implement Information security controls with advanced knowledge and hands on experience in monitoring and securing cloud systems and environments to protect critical Cloud infrastructure for Connected Car products that serve millions of transactions, from information security threats and vulnerabilities. This person specializes in providing security for cloud-based (AWS) digital platforms and plays an integral role in protecting Toyota Connected data. Responsibilities include analyzing existing cloud architectures, identifying vulnerabilities, and designing enhanced security solutions. A comprehensive understanding of cloud security systems and policies and implementing defense-in-depth strategies are key to this role.

 What you will do

·       Implement cloud-based defense-in-depth controls for Cloud environments.

·       Improve the cloud security posture by configuring guardrails like AWS Config, Guard Duty, Inspector, Security Hub, Security Control Policies, etc.,

·       Develop cloud-based programs to detect possible vulnerabilities and risks

·       Design and Manage identity and access management and RBAC policies.

·       Hardening cloud platforms and services configurations such as encryption at rest and transit.

·       Build automation scripts using API calls and CLI to identify and remediate non-compliant cloud configurations.

·       Leverage Infrastructure as Code (IaC) to automate cloud security configurations and deployments.

·       Automate security controls, data and processes to provide better metrics and enhance operational support.

·       Responsible for integration of security development practices into DevOps life cycle

·       Create and maintain detailed technical documentation and runbooks for implemented security controls and processes.

·       Perform security assessments, including incident analysis, vulnerability scans, patch status tracking, and secure baseline evaluations.

·       Implement container scanning for any vulnerabilities and Configure WAF rules.

·       Assist in investigating and resolving routine security questions and inquiries.

·       Coordinate and track all security-related audits.

You are a successful candidate if

 ·       4-6 years of practical experience with AWS security as a Cloud or Security operations engineer.

• •        Networking expertise including Subnetting, Routing, ACL, and Security Groups.
• •        In-depth experience around CLI, Cloud principles, VPC, Cloud native services and Cloud APIs in AWS environment

•        Expertise in Cloud automation tools – Terraform, Cloud formation, version Control systems like GitLab/GitHub

•        Solid scripting skills in languages such as Python and Shell scripting.

•        In depth knowledge of common monitoring tools like Cloud watch & Datadog.

•        Strong expertise with CI/CD solutions.

•        Experience working with container technology including AKS or ECS/EKS

•        Excellent problem solving, interpersonal, communication and presentation skills.

•        Experience working in a fast-paced, Agile environment

•        Experience in cyber security capabilities (SIEM, SOC, Vulnerability Management, Threat intelligence, etc.)

•        Exposure to regulatory frameworks such as GDPR, HIPAA, and PCI-DSS.

Nice-To-Have:

About Company

Toyota Connected is a global technology arm of Toyota focusing on smart mobility solutions. It uses AI, cloud computing, and big data to create personalized driving experiences and connected vehicle ecosystems. The company enhances Toyota's vision for a mobility-driven future.