Cloud Security Engineer

Security Risk Advisors Intl. LLC (SRA) is offering a Cloud Security Engineer position. This roleis responsible fordesigning implementing andmaintainingsecurity controls across SRAs multi-cloud environment spanning Microsoft Azure/Entra ID Google Cloud Platform (GCP) and Amazon Web Services (AWS). The Cloud Security Engineer will work closely with internal IT security operations and engineering teams to ensure cloud infrastructure is deployed andmaintainedin a secure compliant and resilient manner.

Essential Functions

• Design implement andmaintaincloud security architectures across Azure/Entra ID GCP and AWS environments.

• Administer and continuously improve cloud identity and access management (IAM) policies roles and privilege models across all three platforms.

• Monitor cloud environments for misconfigurations threats and vulnerabilities using cloud-native and third-party security tooling (e.g. Defender for Cloud Security Command Center AWS Security Hub).

• Operationalize cloud vulnerability and patch management processes ensuringtimelyremediation of identified risks.

• Implement andmaintainCloud Security Posture Management (CSPM) solutions to enforce security baselines and compliance standards.

• Develop and enforce cloud security policies standards and guardrails (e.g. Azure Policy GCP Organization Policies AWS SCPs).

• Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines and infrastructure-as-code (IaC) workflows.

• Conduct cloud security assessments and architecture reviews for new and existing environments.

• Support incident response activities related to cloud infrastructure including investigation containment and remediation.

• Create andmaintaintechnical documentation for cloud security architectures configurations and operational procedures.

• Research and evaluate emerging cloud security technologies and provide recommendations for adoption.

• Developdetectioncontent and security analytics in SRAs internal SOC applicable to cloud environments.

Competencies

In-depth understanding of:

• Microsoft Azure and Entra ID including conditional access PIM and Defender for Cloud

• Google Cloud Platform (GCP) security services including Security Command Center IAM and VPC Service Controls

• Amazon Web Services (AWS) security services including IAMGuardDuty Security Hub and AWS Config

• Cloud identity and access management principles and zero trust architecture

Working knowledge of:

• Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP)

• Infrastructure-as-Code (IaC) tools such as Terraform Bicep or CloudFormation

• Networking concepts as applied to cloud environments (VPCs peering private endpoints firewalls)

• SIEM and EDR technologies in cloud-integrated environments

Experience with:

• CI/CD pipeline security andDevSecOpspractices

• Organizing or supporting penetration testing purple team exercises or cloud-focused security assessments

• Compliance frameworks relevant to cloud environments (e.g. CIS Benchmarks NIST CSF SOC 2)

Moderate experience with:

• Scripting and automation using Python PowerShell or Bash

• Automation via tools such as Power Automate Logic Apps or cloud-native orchestration services

Supervisory Responsibility

None

Work Environment

This joboperates on-sitein a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job the employeeis regularly required totalk and hear; use hands to finger handle or feel; and reach with hands and arms. The employeefrequentlyis required tostand and walk. This is alargely sedentaryrole.

Candidates with disabilities are encouraged to apply and emailwith any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.

Position Type/Expected Hours of Work

This is a full-timepositionand hours of work and days are Monday through Friday 8:30am to evening and weekend work may berequiredas job duties demand.

Travel

Less than 5%.

Required Education and Experience

• Punctuality andtimelyattendance to external client and internal stakeholder needs.

• Abachelors degree in Information Technology Computer Science or a similar field of study or equivalent experience.

• 3 years of hands-on experience in cloud security engineering or a related role with demonstrable experience across at least two of the three major cloud platforms (Azure GCP AWS).

• Relevant cloud security certifications preferred (e.g. AZ-500 SC-100 Google PCSE AWS Security Specialty).

• A passionfor learning about cloud security emerging technologies and threat landscapes.

• Excellent verbal and written communication skills.

• Strong time management and organizational skills.

Other Duties

Pleasenotethis job description is not designed to cover orcontaina comprehensive listing of activities duties or responsibilities that arerequired ofthe employee for this job. Duties responsibilities and activities may change at any time with or without notice.

EEO Statement

Security Risk Advisorsisan Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs job requirements and individual qualifications without regard to race color sex sexual orientation gender identity or expression age religion national origin disability marital or family status veteran status medical condition or any similar category protected under federal state or local laws.

Work with Experts: Robust internal training program plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.

Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat video and phone sessions.

Medical / Dental / Other (regular full-time employees only)

• Generous medical dental and vision benefits at different price points.

• Company-paid disability and life insurance.

• Company 401(k) plan including annual 3% safe harbor contribution.

• Free patient advocacy service that helps find care providers and resolve insurance queries.

• Free financial advising.

• Generous parental leave sick leave and vacation policies.

• Possibility to work remotely or with a flexible schedule when needed and approved.

• Company-paid cell phone with discounted accessories.

• 1-2-3 Give Program: 1. SRA will give $1000 to a charity of your choice. 2. If you give an additional amount (up to $1000) then 3. SRA will match that amount up to $1000.

• Other discounted employee-paid benefits including pet insurance legal support and voluntary life insurance.

SRAs mission is tolevel up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself onmaintaininga culture where team members have a shared sense of support and belonging consistent withour ItsPersonal company value. At SRA we prioritize transparent career pathing varied DEI programming and community groups competitive benefits including mental health support and an emphasis on a sustainable healthy and engaging work culture. SRA has twice been nameda BestPlace to Work by the Philadelphia Business Journal.

These Essential Functions Requirements and Skills are guidelines. If you are a candidate who does not meet this exact job description but candemonstrateexcellent organization attention to detail professionalism flexibility and self-direction in your professional background we hope you apply. SRA values a diverse workplace and strongly encourages women people of color LGBTQ individuals people with disabilities members of ethnic minorities and veterans to apply.

Salary Range: $90k - 130k

Required Experience:

IC