Cloud Security Principal Engineer

Job Title: Cloud Security Principal Engineer

Location: Pennsylvania PA

Duration: 6 Months

Job Type: Contract

Note: Hybrid - 80% remote 20% onsite. Position is temp to perm. Please only submit candidates with CISSP certiications at this time. The manager is also priortizing candidates with could security certifications. Top 3 Keywords: 1. Cloud Security Engineering (Azure preferred)/Multi-Cloud Security 2. Identity & Access Management (IAM/Entra ID/RBAC) 3. Security Frameworks & Tools (NIST 800-53 HIPAA PCI-DSS CIS SIEM/EDR/CSPM)

Top Required Skills:

• Proven experience securing a multi-cloud environment (Azure preferred).
• Strong cloud identity & access management (IAM) expertise (Entra ID RBAC provisioning).
• Deep knowledge of cloud security service lines security frameworks and supporting tools (EDR SIEM CSPM Vulnerability Management etc.).

Must-Have Skills:

• Hands-on experience in cloud security engineering and cloud architecture.
• IAM expertise across cloud/hybrid environments.
• Strong proficiency with cloud security tools: EDR (Defender) SIEM (Sentinel/Splunk) CSPM (Wiz) NAC NGFWs encryption.
• Experience with Terraform PowerShell automation pipelines and secure configuration management.
• Strong understanding of NIST 800-53 HIPAA PCI DSS CIS Benchmarks CISA ZTMM Microsoft CAF AWS CAF AWS Well-Architected Google CAF.
• Experience validating alerts triaging escalations and tuning detections with internal teams/MSP.
• Experience writing incident response plans runbooks tabletop exercises and system hardening guides.
• Ability to guide internal stakeholders on InfoSec best practices (cloud identity monitoring data protection).
• Experience supporting audits compliance risk remediation and evidence collection.
• Ability to work independently as a subject matter expert.

Nice-to-Have Skills:

• Experience supporting clinical/healthcare systems security (EHR Epic Lawson).
• Knowledge of Active Directory UNIX database query techniques and data analysis.
• PMO/project management skills and familiarity with SDLC methodologies.
• Experience mentoring junior engineers.
• Experience with virtualization technologies.

Key Responsibilities & Duties:

• Design implement and optimize multi-cloud security controls architectures and service lines.
• Collaborate with engineering DevSecOps compliance and infrastructure teams to secure cloud and hybrid environments.
• Lead security engineering tasks including incident response planning runbooks system hardening and control tuning.
• Support cloud security operations by validating alerts triaging incidents tuning detections and optimizing security tooling.
• Provide security guidance in architecture and governance forums ensuring alignment with CHOP standards and industry frameworks.
• Lead or support audits compliance assessments risk mitigation plans and documentation requirements.

Requirements:

• Bachelors degree (Computer Science/Information Systems preferred).
• 12 years industry experience across IT disciplines; 6 years in information security compliance and risk management.
• 3 years experience in IAM RBAC provisioning access governance or security control assessments.
• Experience with multi-cloud architecture cloud security tools and virtualization technologies.
• Strong understanding of security regulations frameworks and cloud security best practices.