Cloud & CI/CD Security Subject Matter Expert to join a global consulting firm's Security Operations – Attack Surface Management (ASM) team within their Information Security & Risk Management function.
This is a great opportunity to work on enterprise-scale cloud security, CI/CD pipelines, and Infrastructure-as-Code (IaC) within a highly collaborative, global environment.
Key Responsibilities:
- Own end-to-end lifecycle of security findings – detection, triage, remediation, and closure
- Secure CI/CD pipelines and cloud environments across multi-cloud platforms (AWS preferred)
- Investigate and remediate hardcoded secrets in repositories
- Review IaC templates for security misconfigurations and provide remediation guidance
- Collaborate with engineering, DevOps, and architecture teams
- Build and maintain security runbooks and playbooks
Required Skills:
- 3–6 years of experience in Cloud Security / DevSecOps / Security Engineering
- Strong experience securing CI/CD pipelines
- Hands-on with IAM, cloud networking, and security best practices
- Experience with automation and scripting for security workflows
- Strong background in IaC security (Terraform, CloudFormation, etc.)
- Experience managing security findings, SLAs, and stakeholder communication
- Ability to translate technical findings into actionable insights
