Senior Cloud Security Engineer, Limassol, Cyprus

Are you an experienced Senior Cloud Security Engineer (AWS) looking for your next career move join our client onsite in Limassol Cyprus. Emerald Zebra is waiting to hear from you APPLY now!

About the Company -

Our client is a global leader in trading with more than 15 years of success a strong international footprint and a team of highly skilled professionals. As a pioneer in FinTech innovation the company continues to drive growth through advanced technologies and a collaborative culture. This is your opportunity to join a forward-thinking environment where innovation meets excellence.

The Role -

We are seeking a Senior Cloud Security Engineer (AWS) to spearhead the design implementation and enforcement of advanced security controls. You will be instrumental in building Zero Trust architectures across multi-region AWS deployments securing EKS/ECS clusters virtualized workloads and hybrid environments - all while aligning with regulatory compliance frameworks. This is a hands-on high-impact role shaping the next generation of financial cloud security.

Key Responsibilities -

Network & VPC Segmentation:

• Design and implement multi-VPC architectures with subnet micro-segmentation and Transit Gateway routing.
• Enforce Zero Trust segmentation between workloads users and external partners.
• Apply strict ingress/egress controls using AWS Network Firewall Security Groups and NACLs.

Firewalling DNS & Threat Prevention:

• Deploy AWS Network Firewall with custom Suricata/DPI rules.
• Apply AWS WAF protections for APIs trading platforms and client portals.
• Harden DNS with Route 53 DNS Firewall to prevent tunneling and spoofing.
• Define and monitor DLAP/DLP policies for data protection.
• Integrate EDR tools (e.g. CrowdStrike SentinelOne) across workloads.

Encryption & Data Security:

• Enforce encryption at rest in transit and in use with KMS ACM HSM TLS 1.3 and Nitro Enclaves.
• Automate key lifecycle management and cross-region rotation.
• Apply confidential computing protections for sensitive workloads.

Kubernetes & Virtualization Security:

• Secure EKS ECS and Kubernetes clusters (RBAC/ABAC pod policies runtime security).
• Implement container image scanning and vulnerability pipelines.
• Deploy admission controllers and native firewalls for Zero Trust enforcement.
• Harden VMs WorkSpaces and VMware workloads with monitoring and micro-segmentation.
• Establish runtime anomaly detection with tools like Falco GuardDuty and Datadog.

Anomaly Detection & Attack Prevention:

• Implement AI/ML-based anomaly detection across networks and workloads.
• Define playbooks for insider threats tunneling and privilege escalation.
• Correlate findings from GuardDuty WIZ Inspector and SIEM platforms.
• Lead threat modeling and red team exercises.

Infrastructure as Code & Automation:

• Build secure Terraform modules for AWS and Kubernetes.
• Embed compliance-as-code in CI/CD pipelines (OPA Sentinel).
• Automate posture drift detection with Terraform WIZ/Security Hub.
• Drive GitOps workflows for immutable deployments.

Observability & Incident Response

• Design SIEM dashboards with OpenSearch CloudWatch Grafana and Loki.
• Integrate alerting into Jira Slack and PagerDuty workflows.
• Lead incident response for AWS Kubernetes and virtualized workloads.
• Automate containment pipelines for compromised assets.

Your Profile -

Qualifications:

• 6-8 years of Cloud Security Engineering with AWS specialization.
• Deep knowledge of VPC segmentation Zero Trust and firewalling.
• Proven expertise in Kubernetes/EKS security.
• Experience with EDR DLP/DLAP DNS protection.
• Strong Terraform and IaC security automation background.
• Advanced knowledge of encryption in all states (at rest transit in use).
• Hands-on with SIEM anomaly detection and ML-based prevention.
• Familiarity with compliance frameworks (CIS NIST ISO 27001 SOC2 GDPR ASIC ESMA).

Preferred Certifications:

• AWS Certified Security Specialty (required)
• AWS Solutions Architect Professional
• AWS Advanced Networking Specialty
• Certified Kubernetes Security Specialist (CKS)
• HashiCorp Terraform Associate
• CISSP / CCSP
• SANS GIAC Cloud Security certifications (GCSA GCLD GDSA)
• ISO 27001 Lead Implementer/Auditor

Why Join

Experience rewards because you matter!

• Salary Range - EUR 65000 - 85000 gross/year (depending on level of experience)
• Career Growth -ongoing learning and clear advancement opportunities.
• Work Life Balance - 22 days of annual leave.
• Wellness & Healthcare - 12 paid sick days full medical insurance after 6 months.
• Future Security - Provident fund access after 6 months.
• Snack Hub - Fresh fruit snacks and beverages available daily.
• Lunch on the company - Daily buffet lunch with your team.
• Paid Overtime - Extra effort recognized and rewarded.
• Learning & Development - Dedicated budget for your upskilling.
• Team Spirit - Regular events and team-building activities.
• Fitness & Recreation - Gym access sports and spa treatments.
• Unwind Fridays - Close the week with a relaxed team drink.
• Working Schedule -Onsite in Limassol - Monday to Friday 09:00 - 17:00

If you are interested in this job opportunity and meet the above requirements APPLY at the link below. For more information email