Job Description

Key Outcomes

Cloud security engineering focuses on building secure, scalable, and resilient cloud architectures. Key security outcomes for cloud security engineering include:

Strengthened Access Control: Ensure that only authorized users, systems, and services can access cloud resources. Resilient Cloud Infrastructure: Design security frameworks that help cloud environments withstand and recover from attacks. Data Protection & Compliance: Safeguard sensitive data in transit and at rest, meeting regulatory requirements (GDPR, HIPAA, etc.). Proactive Threat Detection & Response: Detect and mitigate threats before they escalate. DevSecOps Integration: Embed security into every stage of the software development lifecycle. Compliance & Governance: Ensure adherence to legal and organizational security standards. Incident Response: Minimize the impact of security incidents with well-defined response processes. Reduced Attack Surface: Eliminate vulnerabilities through rigorous security assessments and proactive measures.

Key Responsibilities

Detect, Prevent, Remediate

• Identify and assess security risks, communicate potential threats to stakeholders, and implement effective remediation strategies.
• Design, implement, and maintain preventive and remediation controls across AWS and Azure.
• Apply and enforce industry-standard security frameworks, including CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), and Microsoft Cloud Security Benchmark (MCSB).
• Track and report on the effectiveness of AWS/Azure detective controls and other 3rd parties such as Wiz.

Security Engineering Process

• Develop processes and cloud policies/standards, ensuring proactive and efficient response to threats.
• Assist internal teams to integrate security into CI/CD pipelines and workflows.
• Contribute to the development of security automation and security posture improvements.

Compliance Management

• Conduct security audits, manage cloud security documentation, and ensure ongoing compliance with industry regulations (GDPR, HIPAA, etc.).

Collaboration and Training

• Work closely with cross-functional teams, including developers, architects, and operations, to implement and monitor security practices.
• Empower internal teams by leading training sessions and workshops on AWS and Azure security best practices.

Continuous Improvement

• Continuously evaluate emerging cloud security trends, integrating innovative solutions to enhance the organization's security posture.

Required Qualifications

Technical Expertise

• Strong experience in AWS and/or Azure security services and frameworks.
• Hands-on experience with tools like AWS security services (IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, Config, and Automated Security Remediation) and/or Azure security services (Entra ID, Cloud Defender).
• Experience in securing containers and Kubernetes configurations.
• Proficiency in network security, including securing virtual networks, firewalls and governance, and subnets.
• Proven experience securing cloud infrastructure, including IaaS resource patching and container image scanning.
• Experience with 3rd party remediation software such as Cloud Custodian, Stacklet.
• Demonstrated ability to secure and manage hybrid cloud environments.

Automation and Development

• Proficient in scripting and automation using Python, Terraform, and Azure/Functions or AWS/Lambda.
• Experience with Infrastructure as Code (IaC) tools such as Terraform.
• Develop and implement policy-as-code solutions using tools such as GitHub Copilot and AWS Code Whisperer.

Compliance Knowledge

• Experience ensuring compliance with GDPR, HIPAA, and cloud security frameworks such as CIS, AWS/FSBP, and Microsoft/MCSB.

DevSecOps Practices

• Proven expertise embedding security controls within DevOps workflows, CI/CD pipelines, and cloud-native development processes.
• Skills with GitHub/Azure-DevOps, PowerShell, Bash, AWS/Azure CLI.
• Familiarity with container security in AWS/Azure environments

Preferred Certifications (Highly Valued but Not Required)

• AWS Certified Security – Specialty.
• AWS Certified DevOps Engineer - Professional.
• Microsoft Certified: Azure Security Engineer Associate.
• Microsoft Certified: DevOps Engineer Expert.
• CISSP, CCSP, or equivalent industry certifications.

Having one or more of these certifications will give you a competitive edge!

Soft Skills

• Strong analytical mindset with the ability to assess complex security challenges and drive innovative solutions.
• Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Ability to work collaboratively in a federated operating model.
• Continuous learning mindset to keep up with emerging technologies.

Job Tags

Similar Jobs