Job Summary
We are seeking a Lead Cloud Security Engineer to design, implement, and maintain a secure, scalable, and resilient cloud infrastructure.
This role focuses on strengthening access control, threat detection, data protection, and compliance in AWS and/or Azure environments.
The ideal candidate will have expertise in cloud-native security tools, automation, and DevSecOps integration while collaborating with cross-functional teams to enforce security best practices.
Key Responsibilities
- Identify and assess security risks, communicate threats to stakeholders, and implement remediation strategies.
- Design and maintain preventive and remediation controls across AWS and Azure.
- Apply security frameworks, including CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), and Microsoft Cloud Security Benchmark (MCSB).
- Track and report on the effectiveness of AWS/Azure detective controls and third-party security solutions (e.g., Wiz).
- Develop security processes, cloud policies, and standards to ensure proactive threat response.
- Assist teams in integrating security into CI/CD pipelines and workflows.
- Implement security automation to improve security posture.
- Conduct security audits and ensure compliance with industry regulations (e.g., GDPR, HIPAA).
- Maintain and manage cloud security documentation.
- Work with developers, architects, and operations teams to enforce security best practices.
- Lead training sessions and workshops on AWS and Azure security.
- Stay updated on emerging cloud security trends and integrate innovative solutions.
Required Qualifications
- Strong experience in AWS and/or Azure security services.
- Hands-on expertise with AWS (IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, Config, Automated Security Remediation) and Azure (Entra ID, Cloud Defender).
- Experience securing containers and Kubernetes.
- Strong network security skills (e.g., securing virtual networks, firewalls, governance, subnets).
- Knowledge of IaaS resource patching and container image scanning.
- Familiarity with third-party security tools (e.g., Cloud Custodian, Stacklet).
- Experience managing hybrid cloud environments.
- Proficiency in Python, Terraform, AWS Lambda, Azure Functions.
- Hands-on experience with Infrastructure as Code (IaC) tools (e.g., Terraform).
- Experience implementing policy-as-code solutions using GitHub Copilot, AWS CodeWhisperer.
- Knowledge of cloud security compliance frameworks (CIS, AWS/FSBP, Microsoft/MCSB, GDPR, HIPAA).
- Expertise in embedding security within DevOps workflows and CI/CD pipelines.
- Hands-on experience with GitHub, Azure DevOps, PowerShell, Bash, AWS/Azure CLI.
- Familiarity with container security in AWS/Azure.
- Strong analytical mindset to assess complex security challenges.
- Ability to effectively communicate security concepts to technical and non-technical stakeholders.
- Collaborative mindset for working in federated operating models.
- Commitment to continuous learning in security best practices and emerging technologies.
Preferred Certifications
- AWS Certified Security – Specialty
- AWS Certified DevOps Engineer - Professional
- Microsoft Certified: Azure Security Engineer Associate
- Microsoft Certified: DevOps Engineer Expert
- CISSP, CCSP, or equivalent industry certifications
Education: Bachelor's Degree
Certification: AWS Certified Security, AWS Certified DevOps Engineer, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: DevOps Engineer Expert, Certified Information Systems Security Professional, Certified Cloud Security Professional (CCSP)