Senior Cloud Security Engineer

What You'll Do

Cloud Security Engineering

• Design and implement security controls for AWS/Azure/GCP cloud environments.
• Secure cloud-native services including compute, storage, networking, containers, databases, and serverless workloads.
• Implement and maintain secure cloud landing zones, IAM controls, and network segmentation strategies.
• Build and enforce security baselines, guardrails, and policies across cloud platforms.

Security as Code & Automation

• Integrate security controls into Terraform, CloudFormation, and CI/CD pipelines.
• Automate security validations, remediation, and compliance checks using Python, Bash, or cloud-native automation tools.
• Develop reusable Infrastructure-as-Code modules with embedded security controls.
• Build automated workflows for posture management, alerting, and incident response.

CSPM, Detection & Compliance

• Manage and optimize CSPM tools for continuous monitoring and compliance visibility.
• Identify, prioritize, and remediate cloud security risks and misconfigurations.
• Collaborate with SOC and platform teams to improve cloud threat detection and response capabilities.
• Support compliance initiatives aligned with standards such as RBI, ISO 27001, PCI-DSS, SOC2, or CIS benchmarks.

Container & Platform Security

• Secure Kubernetes, ECS/EKS/AKS/GKE, Docker, and container registries.
• Implement container image scanning, runtime security, and admission controls.
• Strengthen CI/CD security including secrets management, artifact integrity, and vulnerability scanning.

Collaboration & Mentorship

• Work closely with DevOps, SRE, Platform, and Engineering teams to enable secure cloud adoption.
• Mentor junior engineers and contribute to security best practices and documentation.
• Participate in architecture reviews and cloud security assessments.

What We're Looking For

Required Qualifications

• 5+ years of experience in Cloud Security, DevSecOps, Infrastructure Security, or Platform Engineering.
• Strong hands-on expertise in AWS security services and good familiarity with Azure and/or GCP.
• Experience securing Kubernetes and containerized workloads.
• Strong knowledge of IAM, cloud networking, encryption, WAFs, secrets management, and vulnerability management.
• Experience with Terraform, CloudFormation, or similar IaC tools.
• Proficiency in scripting and automation using Python, Bash, or similar languages.
• Experience with CSPM/CNAPP tools such as Prisma Cloud, Wiz, Lacework, or Defender for Cloud.
• Good understanding of CI/CD security and DevSecOps practices.

Preferred Qualifications

• Certifications such as:
• Amazon Web Services Certified Security – Specialty
• Microsoft Security Engineer Associate
• Google Cloud Professional Cloud Security Engineer
• ISC2
• Experience with SIEM/SOAR integrations and automated response workflows.
• Exposure to cloud governance, policy-as-code, and runtime protection.