Description
Key Skills: Google Cloud Platform, AWS, Azure, Cloud Security, IAM, CSPM, Python, Terraform, Zero Trust, DevSecOps
Good to Have Skills: Oracle Cloud Infrastructure (OCI), GCP Security Command Center, AWS Security Hub, Azure Defender for Cloud, OCI Cloud Guard, network security, encryption, key management, logging and monitoring, CWPP solutions, CloudFormation, Bash, PowerShell, cloud-native automation tooling, SIEM and SOAR platform integration, infrastructure-as-code security, CIS benchmarks, NIST CSF, ISO 27001 compliance, cloud security certifications (Google Professional Cloud Security Engineer, AWS Certified Security – Specialty, Azure Security Engineer Associate), security certifications (CISSP, CCSP, CISM), cloud-native security design patterns.
Roles & Responsibilities:
- Provide direct technical leadership and day-to-day oversight of cloud security operations across GCP, AWS, Azure, and OCI platforms.
- Own and manage cloud security operations including configuration reviews, misconfiguration detection, prioritization, remediation tracking, and validation processes.
- Serve as a key execution partner and escalation point for cloud security initiatives, ensuring alignment with enterprise security strategy.
- Design, optimize, and maintain cloud security review and monitoring strategies using native cloud security tools and CSPM platforms.
- Translate large-scale cloud security findings into actionable risk intelligence through dashboards, metrics, and executive reporting.
- Drive risk-based prioritization of cloud security issues using threat intelligence, asset criticality, exposure, and business impact analysis.
- Partner with application owners, DevOps, and platform teams to provide clear remediation guidance and influence timely risk reduction decisions.
- Ensure secure implementation and continuous improvement of IAM, network segmentation, encryption, logging, and monitoring controls across cloud platforms.
- Lead and support secure architecture and design reviews for new and existing cloud workloads.
- Develop, enhance, and maintain automation and scripting to detect misconfigurations and enforce cloud security baselines.
- Monitor emerging cloud security threats, vulnerabilities, and regulatory changes, incorporating lessons learned into improved controls and processes.
- Mentor and develop cloud security engineers and analysts, strengthening technical depth and operational maturity.
Experience Required: 9+ years of experience in cloud security engineering, DevSecOps, or cloud security operations with proven experience acting as a technical lead or senior engineer supporting cloud security programs in a global enterprise environment.
Education: Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or equivalent practical experience preferred