Principal Cloud Security Engineer

This is a remote position.

The Cloud Security team is expanding and seeking a Principal Cloud Security Engineer to serve as a hands-on technical expert and trusted advisor across cloud programs. This team owns the security of multiple cloud environmentsprimarily Azure and AWSand is responsible for designing and implementing security controls that support global regulatory and industry requirements.

If you thrive in fast-moving environments enjoy building automation and want to influence security at platform scale this role offers significant ownership and impact.

What youll do

Drive Enterprise Cloud Security

• Lead end-to-end implementation of CNAPP solutions (e.g. Wiz) across Azure and select AWS environments including policy design tuning and operational workflows.
  

• Harden cloud environments through identity and access controls Azure Policies network segmentation and cloud-native security tooling.
  

• Develop and maintain secure IaC and DevSecOps practicesintegrating security into CI/CD pipelines (Terraform GitHub Actions etc.) artifact signing SBOMs/attestations.
  

Enable Governance & Compliance

• Translate frameworks such as FedRAMP NIST CIS and PBMM into technical controls automated evidence collection and continuous monitoring.
  

• Define policy-as-code patterns and reusable Terraform modules to prevent misconfigurations before deployment.
  

Architecture Advisory & Mentoring

• Partner with product engineering and platform teams to design secure cloud architectures and participate in design reviews.
  

• Act as a trusted advisor to cloud operations and executive teamscommunicating risk trade-offs and priorities.
  

• Mentor junior engineers and contribute to a culture of security-first thinking.
  

Incident Response & Posture Improvement

• Collaborate with SecOps and AppSec teams to triage findings evaluate risk and drive remediation across vulnerabilities identities data and workloads.
  

• Use metrics and KPIs to measure posture improvements and demonstrate business impact.
  
  

What Were Looking For

Required Qualifications

• Bachelors degree in Computer Science Engineering Cybersecurity or equivalent experience.
  

• 10 years in security engineering or security architecture with deep experience in cloud security (preferably in SaaS or technology companies).
  

• Hands-on expertise with:
  

  • CNAPP platforms (Wiz or similar) including rollout policy design tuning and automation.
    

  • Microsoft Defender for Cloud and Azure security services (Entra ID RBAC Key Vault networking monitoring).
    

  • Multi-cloud (Azure and AWS).
    

  • DevSecOps practices including pre-merge security checks image scanning artifact signing SBOM/attestations.
    

  • Production-grade IaC using Terraform Enterprise/Terraform Cloud (modules registries policy-as-code drift management).
    

  • Kubernetes/containers (AKS/EKS) image signing runtime protection and registry security.
    

  • Security automation using Python or PowerShell.
    

• Experience with:
  

  • KRIs/KPIs and tuning policies against frameworks (CIS NIST STIG).
    

  • Compliance and security engineering for FedRAMP PBMM ISO 27001 SOC 2 or similar regulated environments.
    

  • Influencing product engineering and executive stakeholders.
    

  • Operating independently with strong ownership and accountability.
    

Preferred Qualifications

• Azure certifications (AZ-500 SC-100 SC-200) highly preferred.
  

• Industry certifications such as CISSP or CCSP.
  

• DevOps experience with infrastructure/cloud/application pipelines.
  

• Experience with SAST/DAST tooling penetration testing or security scanning.
  

• Knowledge of LLMs and experience building generative AIpowered automation or agents.
  

• Programming experience with Python C# Rego YAML
  

Whats in It for You

• Competitive compensation perks and recognition programs
  

• Flexible time-off and well-being benefits
  

• Diversity equity & inclusion programs that foster belonging
  

• Volunteer opportunities and community engagement
  

• Continuous learning training support and paid certifications to accelerate your career growth