W2- Cloud Security Principal Engineer

Role :: Cloud Security Principal Engineer CISSP Certification required
Location: Philadelphia PA Hybrid (80% remote 20% onsite)
Type: Contract/Contract to hire

Required Skills & Experience

• Certifications: CISSP (mandatory); cloud security certifications strongly preferred
• Education: Bachelors Degree (Computer Science Information Systems or related field preferred)

Experience:

• 12 years industry experience across IT disciplines (architecture network application database operations)
• 6 years in information security regulatory compliance and risk management
• 3 years in Identity & Access Management (IAM) Role-Based Access Control (RBAC) user provisioning or security awareness training
• Experience with cloud and/or virtualization technologies

Technical Expertise:

• Multi-cloud security (Azure preferred; AWS Google Cloud also relevant)
• Identity & Access Management (IAM/Entra ID)
• Security tools: EDR (Microsoft Defender) SIEM (Sentinel/Splunk) CSPM (e.g. Wiz) VPNs/NGFWs NAC encryption protocols
• Secure configuration management automation pipelines (Terraform PowerShell) vulnerability management platforms
• Networking protocols (TCP/IP WAN/LAN firewalls IPS web filtering disk encryption)
• Microsoft Active Directory UNIX; ERP/clinical systems (Epic Lawson) a plus

Frameworks & Compliance:

• NIST SP 800-53 HIPAA PCI-DSS CISA ZTMM CIS Benchmarks ISO 27000 Microsoft CAF AWS CAF/Well-Architected Google CAF

Other Skills:

• Risk management frameworks
• SDLC methodologies PMO project management MS productivity tools (Access Word PowerPoint Visio Project)
• Database query/data mining basics
• Strong knowledge of InfoSec principles IT controls and regulatory standards

Preferred Skills & Experience

• 3 years working with matrixed high-performance teams
• ERP and clinical application security experience
• Strong mentoring and leadership capabilities

Key Responsibilities

• Serve as subject matter expert and advisor on complex cloud security issues
• Design implement and optimize cloud security controls and service lines
• Support cloud migration tool optimization automation and risk-driven outcomes
• Collaborate with internal stakeholders vendors and MSPs to fine-tune detection/prevention capabilities
• Lead incident response planning runbooks tabletop exercises and system hardening guides
• Align security architectures with organizational policies and external frameworks
• Participate in governance forums DevSecOps and cloud-native strategies
• Assist with audits compliance assessments and risk remediation plans
• Mentor junior InfoSec engineers through documentation training and peer reviews
• Shape and design service lines manage risks and ensure enterprise solutions are scalable and adaptable
• Support business continuity change management and educate management on IAM and RBAC models