Principal Software Engineer

About The Position

Requirements

• 5+ years of cloud security experience (Azure and/or AWS)
• 3+ years of experience with cloud compliance and governance frameworks
• Demonstrated experience implementing security solutions in production cloud environments
• Experience with infrastructure-as-code (IaC) security and DevSecOps practices
• Expert-level knowledge of Azure security services and architecture
• Expert-level knowledge of AWS security services and architecture
• Strong understanding of cloud networking, identity management, and encryption
• Proficiency with security tools: SIEM, CSPM, vulnerability scanning, configuration management
• Experience with scripting/automation (PowerShell, Python, Terraform, CloudFormation)
• Knowledge of containerization and Kubernetes security (Docker, EKS, AKS)
• Deep knowledge of compliance frameworks: SOC 2, ISO 27001, HIPAA, PCI-DSS, CIS Controls
• Experience with regulatory audits and compliance assessments
• Understanding of cloud-specific compliance challenges and solutions
• Bachelor’s degree in Computer Science, Information Security, or related field OR equivalent professional experience in cloud security roles

Nice To Haves

• AWS Certified Security – Specialty
• Microsoft Azure Security Engineer Associate (AZ-500)
• Certified Cloud Security Professional (CCSK)
• CISSP or similar security certification
• Additional certifications in compliance (CCPA, HIPAA, FedRAMP) are a plus
• Experience with multi-cloud environments
• Background in DevSecOps or secure software development
• Experience with threat intelligence and advanced threat detection
• Knowledge of cloud-native security and serverless security
• Experience with security orchestration and automation (SOAR)
• Background in incident response and forensics

Responsibilities

• Design and implement cloud security architectures for Azure and AWS environments
• Develop security baselines and hardening standards aligned with CIS benchmarks
• Create threat models and conduct security assessments for cloud deployments
• Recommend and implement identity and access management (IAM) solutions
• Design encryption strategies for data at rest and in transit
• Develop and maintain cloud governance policies and standards
• Ensure compliance with regulatory frameworks (SOC 2, ISO 27001, HIPAA, PCI-DSS, FedRAMP, etc.)
• Conduct compliance audits and gap assessments
• Create and maintain compliance documentation and audit trails
• Implement automated compliance monitoring and reporting
• Manage cloud security posture management (CSPM) tools
• Configure and optimize Azure security services (Azure Security Center, Azure Sentinel, Azure Policy, Key Vault, etc.)
• Configure and optimize AWS security services (AWS Config, GuardDuty, Security Hub, IAM, KMS, etc.)
• Implement network security controls (VPCs, security groups, NACLs, firewalls)
• Manage cloud access controls and privilege escalation prevention
• Monitor and respond to security alerts and incidents
• Conduct cloud security risk assessments and vulnerability management
• Develop incident response procedures for cloud environments
• Create security awareness and training programs
• Establish metrics and KPIs for cloud security posture
• Maintain cloud security roadmaps and strategic initiatives
• Partner with cloud architects, DevOps, and development teams to integrate security early
• Provide security guidance and best practices to engineering teams
• Conduct security reviews and code assessments
• Mentor junior security team members
• Present findings and recommendations to leadership and stakeholders