Information Technology Security Specialist

Trillionloans (A BharatPe Group Company) is hiring for an IT Security Solution Engineer with a strong understanding of AWS cloud security, hands-on exposure to Orca Security (CNAPP), and a basic background in Dynamic Application Security Testing (DAST). The role will work closely with DevOps, Endpoint-IT teams to design, implement, and optimize End user-IT & cloud security solutions while ensuring secure application deployment and continuous risk reduction

What will you do?

• Review, support & implement secure AWS architectures with understanding of IAM, VPC, EC2, S3, RDS, and EKS. Including network security controls such as security groups, NACLs, and firewall policies.
• Configure, manage, and optimize Orca Security for cloud posture management, vulnerability detection, and risk prioritization.
• Analyze Orca findings related to misconfigurations, vulnerabilities, exposed assets, and identity risks.
• Work with stakeholders to translate Orca alerts into actionable remediation plans.
• Secure Kubernetes clusters (EKS) including RBAC, network policies, secrets management, and pod security standards
• Implement container image scanning and runtime security controls & enforce least-privilege access for workloads and services
• Run DAST tool to review application related changes & to identify runtime application vulnerabilities.
• Track remediation SLAs and produce security metrics and dashboards & Collaborate with development teams to validate findings and guide remediation.
• Assist in integrating DAST into CI/CD pipelines (where applicable).

Who's the right fit for us?

• An IT professional with 47 years experience in infrastructure, cloud, or security engineering
• Certifications (preferred): AWS Security Specialty / Associate, CEH, Security+, or equivalent.
• Strong hands-on understanding of AWS services, including: IAM, VPC, EC2, S3, RDS, Lambda, CloudTrail, Security Hub.
• Experience or strong working knowledge of Orca Security or similar CNAPP/CSPM tools.
• Basic to intermediate knowledge of DAST concepts and tools.
• Familiarity with Cloud security best practices, OWASP Top 10 &Vulnerability management workflows
• Understanding of CI/CD and DevOps security concepts is a plus.

Interested candidates can also share their profiles at - ishika.jain@trillionloans.com along with their current and expected compensation details.