Hyderabad

Principal Engineer, Software | Global telecom disruptor powering one of the most advanced 5G networks in the world.

Please find below the details of the role and its responsibilities.

Skills Required:

AWS, Azure, Terraform, Ansible, Python, GoLang, IAM, Identity Access Management,

Docker, Kubernetes, Cloudsecurity, Cloud Security, DevSecOps, Prisma Cloud, CNAPP,

Wiz

Experience Range:

12 - 18 years

Job Description:

About the Role:

The Principal Software Engineer plays a key role in designing, implementing, and securing

scalable cloud infrastructure across AWS and Azure environments. This role focuses on

developing and automating cloud security solutions, implementing GitOps-driven

workflows, managing IAM and identity governance, and deploying secure-by-design

systems using modern DevSecOps practices. The engineer will build and manage

logging, monitoring, and configuration management pipelines, integrate CNAPP tools like

Wiz for threat detection and compliance, auto remediation capabilities and contribute to

overall cloud security strategy. This individual will also mentor peers, influence

architectural decisions, and ensure alignment with T-Mobile's enterprise security and

compliance standards.

We pride ourselves on encouraging a culture of innovation, agile ways of working, and

transparency in all we do. Join us in embodying the spirit of the Un-carrier and make a

tangible impact!

What You'll Do:

• Design, develop, and implement secure cloud infrastructure and automation pipelines

across AWS and Azure.• Build and maintain GitOps-driven workflows for cloud provisioning, configuration, and

deployment.

• Develop and maintain golden images (e.g., hardened AMIs, Azure VM templates,

container base images) to standardize secure deployments.

• Implement and manage Identity and Access Management (IAM) policies, roles, and

federations for secure access control.

• Develop and integrate cloud logging, monitoring, and observability solutions (e.g.,

CloudWatch, Azure Monitor, ELK, Prometheus).

• Use Ansible for configuration management and automation of cloud and security

environments.

• Deploy and manage Cloud-Native Application Protection Platforms (CNAPP) such as

Wiz for risk detection, compliance, and posture management.

• Develop infrastructure as code (IaC) using Terraform for consistent and secure

resource provisioning.

• Write automation and tooling scripts in Python and Go to enhance cloud security and

operations.

• Collaborate with DevOps, Security, and Application teams to integrate CI/CD and

security automation.

• Participate in threat modeling, security assessments, and remediation of

vulnerabilities.

• Document architecture, design decisions, and security configurations.

• Mentor junior engineers and foster best practices in cloud security engineering.

What You'll Bring:

• Bachelor's degree in computer science, Engineering, or related field.

• 10+ years of experience in cloud engineering, DevSecOps, or cloud security roles.

• Strong hands-on experience with AWS and/or Azure services and architectures.

• Proven ability to build, harden, and maintain golden images for servers, containers,

and virtual machines.

• Deep knowledge of IAM, security policies, roles, and access automation.

• Proven experience with GitOps, Terraform, and Ansible for cloud provisioning and

configuration management.

• Experience building and maintaining cloud monitoring, logging, and alerting

frameworks.• Familiarity with CNAPP platforms (e.g., Wiz, Prisma Cloud, Orca, etc.) and

CSPM/CWPP principles.

• Proficiency in at least one modern Automation programming language (e.g.,

Python and/or Go)

• Experience integrating security into CI/CD pipelines and containerized environments

(Docker, Kubernetes).

• Strong problem-solving, analytical thinking, and collaboration skills.

• Excellent written and verbal communication skills.

Must Have Skills

• Cloud security engineering,

• GitOps, IAM.

• IAC Tools - Terraform, Ansible

• CNAPP (e.g., Wiz. Prisma Cloud),

• Hands on in Programming - Python/Go scripting.

• Cloud logging & monitoring, golden image creation, and CI/CD integration.

Nice-to-Have

• Experience with policy-as-code and compliance automation frameworks.

• Knowledge of network security principles, including firewalls, VPCs, and service

mesh.

• Familiarity with DevSecOps, Zero Trust, and security observability frameworks.

• Exposure to GenAI tools or security automation through machine learning (nice to

have).

Your information has been successfully submitted.
Oops! Something went wrong while submitting the form.