Cloud Security

Greetings From TCS!!

Position: Cloud Security

Experience: 4+ years

Location: Walkin interviews on 10-Jan-25(Saturday) at below locations.

Chennai

TCS Sholinganallur Kumaran Nagar, 415/21-24, TNHB Main Rd, Chennai, Tamil Nadu

Bangalore

TCS PSN Office, PRESTIGE SHANTINIKETAN, Crescent-3,Sadaramanagala Village & Sy.No.129/2 & 130, Krishnarajapuram Hubli, Bangalore East Taluk, Bangalore - ,Karnataka,

Hyderabad

TCS Deccan Park, Madhapur, Hyderabad, Telangana

Pune

Tata Consultancy Services, Sahyadri Park 1, Rajiv Gandhi Infotech Park, Hinjewadi Phase 3, Pune -

Job Description :

• Design Azure landing zones and security reference architectures aligned to Zero Trust.
• Establish enterprise guardrails using Azure Policy, Management Groups, and RBAC with Privileged Identity Management (PIM).
• Own CSPM posture via Microsoft Defender for Cloud
• Operate and optimize Microsoft Defender XDR for end-to-end detection and response.
• Manage Microsoft Sentinel (SIEM/SOAR): KQL analytics, hunting, UEBA, playbooks (Logic Apps), and incident workflows.
• Lead incident response: triage, containment, forensics (Log Analytics, snapshots), root cause analysis, stakeholder communication.
• Administer Microsoft Defender for Cloud Apps (MDCA) for app discovery, OAuth app governance, session controls, DLP, and data protection.
• Implement Conditional Access + MDCA session policies for inline control across key SaaS applications.
• Secure workloads using Defender for Cloud plans (VMs, Storage, SQL, AKS, App Services): hardening, vulnerability management, agent coverage.
• Drive AKS security: network policies, identity, secrets, image scanning, admission controls; secure ACR and supply chain flows.
• Implement controls: Azure Firewall, NSGs, DDoS Protection, Bastion, JIT VM access.
• Protect applications via Azure WAF (App Gateway/Front Door), TLS cert lifecycle, and bot management.
• Administer Entra ID (Azure AD): Conditional Access, MFA, CAE, Identity Protection, PIM, workload identities/managed identities.
• Enforce encryption and secrets management via Azure Key Vault (HSM-backed keys, CMK, rotation).
• Implement DLP across M365/MDCA; label/classify sensitive data and enforce policies.
• Build policy-as-code and IaC guardrails: Bicep/ARM, Terraform modules, drift detection.
• Automate operations using PowerShell, Azure CLI, and Python; integrate security telemetry and auto-remediation via Logic Apps/Functions.
• Map controls to CIS/NIST/ISO/PCI; maintain audit evidence and control attestation.
• Provide posture dashboards, metrics (Secure Score, incident MTTR), and executive reporting.
• Author standards, playbooks, and decision records; mentor teams and lead design reviews.

Note: Candidates available for F2F interview only apply

Thanks & Regards,

Divya Jillidimudi