Cloud Security Engineer

Who We Are

We are committed to ensuring the confidentiality, integrity, and availability of our cloud-hosted applications, data, and infrastructure. Our team applies industry best practices, threat-mitigation techniques, and compliance standards such as ISO 27001, PCI DSS, and relevant regulatory guidelines to secure our evolving cloud environment.

The Role

The Cloud Security Engineer is responsible for designing, implementing, and managing security controls across the organization’s cloud environments. The role ensures secure architectures, proactive threat detection, and continuous compliance across AWS, Azure, GCP, and cloud-native technologies.

What You Will Do

Cloud Security Architecture & Engineering

• Design and implement secure cloud architectures for IaaS, PaaS, and SaaS platforms (AWS, Azure, GCP).
• Implement Zero Trust principles, network segmentation, and secure landing zones.
• Define and enforce cloud security baselines, hardening standards, and configuration policies.

Cloud Security Operations

• Manage cloud-native security tools (AWS Security Hub, GuardDuty, Azure Defender, GCP Security Command Center).
• Monitor and remediate misconfigurations using CSPM and CIEM solutions.
• Conduct continuous security assessments and vulnerability remediation on cloud assets.
• Support DevOps pipelines by integrating security tools (SAST and DAST).

Identity & Access Management

• Implement and manage identity controls such as IAM, RBAC, MFA, and conditional access policies.
• Review and enforce least privilege access for users, applications, and services.

Threat Detection & Incident Response

• Analyze cloud-specific security alerts, investigate suspicious activities, and respond to incidents.
• Support threat hunting and logging activities using SIEM/SOAR platforms.
• Develop runbooks and playbooks for cloud-related incidents.

Compliance & Governance

• Ensure cloud environments meet internal security policies, regulatory requirements, and frameworks such as ISO 27001, PCI DSS, CIS Benchmarks, NIST CSF.
• Conduct periodic cloud compliance audits and provide remediation guidance.

Documentation & Collaboration

• Create and maintain security documentation including architecture diagrams, SOPs, and hardening guides.
• Work closely with DevOps, Networking, Infrastructure, and other teams to ensure secure deployment of cloud workloads.
• Train and guide technical teams on cloud security best practices.

What You Bring

• Bachelor’s degree in computer science, Information Security, Engineering, or related field.
• 5–7 years hands-on experience in cloud engineering or cloud security.
• Strong experience with at least one major cloud platform (AWS, Azure, or GCP).
• Experience with cloud security tools: CSPM, WAF, API Gateway security, Firewalls, and vulnerability scanners.
• Solid understanding of networking concepts: VPC, subnets, VPN, firewalls, routing, DNS, load balancing.
• Experience with security frameworks such as ISO 27001, NIST, CIS, and PCI DSS.

Preferred Certifications (Any 3 of the following)

• AWS Certified Security – Specialty
• Microsoft Azure Security Engineer (AZ-500)
• Google Professional Cloud Security Engineer
• CISSP, CISM, CCSP, CEH
• CompTIA Security+, Cloud+

Key Skills

• Cloud architecture and security hardening
• Identity and Access Management
• Threat detection and incident response
• Container and Kubernetes security
• Strong analytical and troubleshooting skills
• Excellent communication and documentation skills

What’s In It For You

• Competitive compensation and performance-driven rewards.
• Opportunity to work with modern cloud security technologies across AWS, Azure, and GCP.
• A collaborative and high-impact engineering environment.
• Professional development support, including certifications and specialized security training.
• Exposure to advanced cloud architectures, DevSecOps practices, and enterprise-scale security programs.
• A culture that values innovation, ownership, and continuous improvement.