Job Description:

Grade - 4

Job Title – Cloud Security Engineer

Description

This is an opportunity for a highly motivated Cloud Security Engineer (Full Stack) to join Fidelity Architecture and Engineering (FAE) and work in a diverse, open and transparent culture where you will contribute to AWS Security Squad/Team through innovative solutions using the latest cloud native technologies and leading-edge engineering practices.

The Value You Deliver

Do you enjoy working on cloud technologies and creating innovative solutions? Do you want to collaborate with like-minded engineers across the globe? As a Cloud Security Engineer, you will work within the DevOps Integration/Full Stack role as part of the Cloud Provider Enablement (CPE) team. We specialize in AWS Security, focusing on service enablement, implementing security controls, and establishing guardrails to ensure secure and compliant cloud operations across the enterprise.

We are a diverse, multi-functional team comprised of highly upbeat and motivated technologists who believe in the power of innovation and constant teamwork. The team blends technology & business expertise with a passion for exploring new technologies while working in an open and transparent way. Our work involves designing and deploying security frameworks, automating compliance checks, and enabling development teams to leverage AWS services securely through well-architected controls and governance mechanisms.

.How Your Work Impacts the Organization

FAE domain is the part of Enterprise Technology with the focus on Engineering and architecture. We enable Fidelity business units to safely and securely adopt cloud at scale. The cross-enterprise collaboration enables the delivery of solutions that meet the emerging digital expectations of Fidelity’s customers and clients.

The Expertise We’re Looking For / Technical Skills

Over 3 - 4 Years of strong experience with cloud platforms (AWS & Azure), preferably AWS and their native event systems.

• Development experience with Python/Go, or similar languages for backend and automation work.

• Strong experience with CI/CD pipelines, infrastructure as code (Terraform, CloudFormation), and DevOps practices.

• Experience with Cloud Security Concepts, NIST Framework, Security Controls, CloudTrail, logging & monitoring telemetry, and security event correlation.

• Hands-on experience with CSPM (Cloud Security Posture Management) tools such as Wiz, Rapid7, or similar platforms for continuous security monitoring and compliance.

• Experience with SIEM tools (Splunk, Datadog, or similar) for security event analysis, threat detection, and incident response.

• Strong expertise in Identity and Access Management (IAM) including role-based access control (RBAC), least privilege principles, IAM policy design, service control policies (SCPs), cross-account access patterns, and federation (SAML, OIDC).

• Understanding of encryption techniques and standards including data-at-rest encryption (KMS, customer-managed keys), data-in-transit encryption (TLS/SSL), key rotation strategies, and compliance with encryption standards (FIPS 140-2, AES-256).

• Experience with AWS Organizations, multi-account strategies, organizational units (OUs), consolidated billing, service control policies, and account governance frameworks.

Non-Technical Skills

• Strong analytical thinking and ability to derive insights from complex data.

• Excellent communication skills – able to translate technical findings into business value.

• Collaborative mindset with a passion for cross-functional teamwork.

• Curiosity and a continuous improvement mindset – always looking for better ways to do things.

• Ability to prioritize and manage ambiguity in a fast-paced environment.

• Growth mindset – eager to learn, experiment, and continuously improve.

Preferred Skills

• Exposure to AWS Cloud, Security Concepts & Controls, Python, DevOps, CI/CD Pipelines.

• Familiarity with ITSM tools (e.g., ServiceNow), Incident Management and CMDB integration.

Company Overview

Location : Chennai

Certifications:

Category:

Information Technology