[8PP] Senior Cloud Security Engineer

We are seeking a Senior Cloud Security Engineer to own and mature our cloud security posture across AWS and Azure environments. This role is a blend of hands-on technical implementation and strategic governance with primary responsibility for establishing and maintaining security framework compliance and driving IAM maturity across our cloud platforms and supporting tooling.

As a senior individual contributor you will be the subject matter expert for cloud security controls identity and access management strategy and compliance automation. You will work closely with Cloud Engineering and Information Security teams to embed security into infrastructure and deployment pipelines while ensuring our security practices scale with the business.

Key responsibilities include:

Security Framework Compliance & Cloud Security Controls

 Own the end-to-end implementation monitoring and remediation of security framework benchmarks (including CIS) across AWS and Azure environments.

 Conduct regular assessments against security framework controls identify gaps and drive remediation plans.

 Develop and maintain security baselines hardening guides and configuration standards for cloud resources.

 Translate security framework requirements into actionable Terraform modules and Infrastructure-as-Code guardrails.

Vulnerability & Risk Remediation

 Lead vulnerability identification assessment and remediation efforts across cloud infrastructure and workloads.

 Develop and maintain risk scoring methodologies to prioritize remediation based on business impact and threat severity.

 Coordinate with engineering and operations teams to track remediation progress and ensure timely resolution of identified vulnerabilities.

IAM Strategy & Access Management

 Assess the current state of IAM across AWS Azure and integrated tooling (CI/CD platforms SaaS applications identity providers).

 Develop and execute a comprehensive IAM maturity roadmap covering least-privilege enforcement role-based access service account governance and access reviews.

 Design and implement centralized identity federation SSO and conditional access policies across cloud and hybrid environments.

 Define and enforce privilege escalation controls break-glass procedures and just-in-time access patterns.

Security Engineering & Automation

 Write Python and PowerShell scripts to automate security assessments remediation workflows and compliance reporting.

 Build and maintain Terraform modules that enforce security controls as code integrated into CI/CD pipelines.

 Partner with Cloud Operations and DevOps to embed security checks into deployment and change management workflows.

Governance & Cross-Functional Leadership

 Serve as the security subject matter expert for cloud architecture reviews and change advisory processes.

 Provide guidance and mentorship to Cloud Operations and Engineering teams on security best practices.

 Lead incident response activities related to cloud security events and contribute to post-incident reviews.

Qualifications :

  8 years of experience in cloud security infrastructure security or security engineering roles.

 Deep hands-on experience with both AWS and Azure security services architecture and best practices.

 Demonstrated experience implementing and managing security frameworks (e.g. CIS NIST SOC 2) at scale in cloud environments.

 Strong background in IAM design and implementation including federation (SAML OIDC) RBAC ABAC and privileged access management.

 Proficiency in Python and PowerShell for security automation and scripting.

 Hands-on experience with Terraform for infrastructure-as-code including writing custom modules and policies.

 Experience with compliance automation and cloud security posture management (CSPM) tools.

 Strong understanding of networking encryption secrets management and cloud-native security controls.

 Excellent written and verbal communication skills with the ability to present security strategies to both technical and executive audiences.

90% Englishwritten and oral (at least B2 level) with excellent communication skills

Additional Information :

 Nice to Have
Relevant certifications such as AWS Security Specialty Azure Security Engineer Associate (AZ-500) CISSP or CCSP.

 Experience with policy-as-code frameworks (e.g. OPA/Rego Sentinel AWS Config Rules Azure Policy).

 Familiarity with multiple security frameworks (e.g. CIS NIST SOC 2 ISO 27001).

 Experience integrating security into CI/CD pipelines (GitHub Actions Azure DevOps Jenkins).

 Background in SRE or cloud operations with a security focus.

 Track record of building IAM maturity programs from the ground up.
 

Must have the ability to travel to the USA (Atlanta GA) 1-2 times per year.

Remote Work :

Yes

Employment Type :

Full-time