Senior Cloud Security Engineer

Our company:

    We are seeking a highly skilled Senior Cloud Security Specialist to join our team. The selected candidate will play a critical role in building and fostering a security-focused culture within our organization. They will be responsible for identifying, quantifying, and managing technology risks affecting the business, with a particular focus on cloud security. The candidate will serve as a subject matter expert for IT Risk and Cyber domains, collaborating with cross-functional teams to ensure security, risk, and compliance objectives are met. Additionally, they will be expected to provide guidance on security best practices for application architectures and cloud platforms.


What we are looking from an ideal candidate?

    • Cultivate a security-focused culture through collaboration with business and technology teams.
    • Identify, quantify, and manage technology risks impacting the business, providing recommendations for resolution.
    • Proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation.
    • Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains.
    • Collaborate on firm-mandated audits and perform required reviews associated with the audit.
    • Review Identity and Access Management (IAM) control standards and perform access reviews.
    • Ensure security of designs and blueprints for application architectures and cloud platforms.
    • Act as the cloud-security and compliance subject matter expert for the supported teams.

Preferred Skills:

What skills do you need?

    Skill Set Required:

    • Cloud Security: Proficiency in securing cloud environments.
    • Application Security: Understanding of application security principles.
    • Mathematical/Statistic Mindset: Ability to analyze security data with a statistical approach.
    • Network Security Technology: Knowledge of network security technologies.
    • Infrastructure Security (On Prem): Understanding of on-premises infrastructure security (Good to Have).

    Qualifications:

    • Experience: 6+ years, with a minimum of 5-6 years in cloud security.
    • Hands-on experience securing public cloud workloads in a hybrid, corporate environment.
    • Solid understanding of firewalls, Web Application Firewalls (WAFs), Web Gateways, and Intrusion Prevention Systems (IPS).
    • Practical understanding of Agile, ITIL, monitoring, and metrics.
    • Experience with security and regulatory compliance standards and frameworks.
    • Expertise in identity and access management methodologies and related solutions (e.g., Active Directory, Azure AD, LDAP, SSO, MFA).
    • Experience with Secure Software Development Life Cycle (SSDLC) practices such as code review, threat modeling, and dynamic application scanning.
    • Knowledge of security controls, configuration management, and vulnerability management in public cloud environments.