10872 - Cloud Security Engineer I - Engineering

About The Position

Requirements

• Experience: 5+ years of experience in Cloud Security, Cloud Engineering, or Security Engineering. Practical experience working with AWS, Azure, and GCP in production environments. Demonstrated experience ensuring cloud logging feeds into centralized log management and SIEM platforms. Hands-on experience managing Cloud Security Posture Management (CSPM) tools across multi-cloud environments.
• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer science or a related field.
• Technical Expertise: Working knowledge of Cloud identity and access management, Cloud-native logging and monitoring services, and Common cloud security misconfigurations and threats. Strong troubleshooting and collaboration skills.
• Language Skills: Excellent stakeholder management and communication skills. Proficient in English for effective communication and coordination.

Nice To Haves

• Experience: Hands on experience with CSPM tools such as Prisma Cloud, Wiz, Lacework or similar. A working understanding of cloud security frameworks and benchmarks (e.g. CIS). Experience supporting audits or compliance activities related to cloud security.
• Education and Certifications: Masters degree in Cybersecurity, Information Technology, Computer Science or a related discipline is preferred. Industry-recognized credentials such as CISSP, CISM, or cloud specific certifications for AWS, Azure or GCP security are highly desirable.
• Language Skills: Bi-lingual in English and Korean language proficiency is preferred to support global coordination and communication.

Responsibilities

• Cloud Security Standards & Governance
• Supporting the Cloud Security Architect, maintain and support the Cloud Security Standard across all iterations and lifecycle phases, ensuring it remains current, actionable, and aligned with:
• Cloud provider capabilities (AWS, Azure, GCP)
• Organizational security requirements
• Industry best practices and threat landscape changes
• Partner with other teams to ensure standards are:
• Technically feasible
• Consistently implemented
• Clearly documented and communicated
• Support reviews and updates to the standard as cloud services, architectures, and risks evolve.
• Cloud Logging, Monitoring & SIEM Integration
• Ensure cloud logging is consistently enabled, configured, and maintained across AWS, Azure, and GCP environments.
• Work with Security Operations and Platform teams to ensure logs are:
• Reliably ingested into centralized log management and SIEM platforms
• Structured and normalized to support detection, investigation, and audit needs
• Validate coverage for critical log sources, including:
• Identity and access activity
• Network and perimeter events
• Resource configuration and management activity
• Support troubleshooting of log gaps, ingestion failures, and data quality issues.
• Cloud Security Posture Management (CSPM)
• Operate and maintain CSPM capabilities across AWS, Azure, and GCP environments.
• Monitor CSPM findings to identify:
• Misconfigurations
• Policy violations
• Security control gaps
• Partner with engineering teams to drive remediation of CSPM findings, ensuring:
• Clear ownership
• Risk-based prioritization
• Sustainable fixes
• Support tuning of CSPM policies and rules to reduce noise and improve signal quality.
• Collaborate with the Risk Operations team to ensure CSPM findings that are not automatically remediated are tracked as Risk Issues.
• Security Operations & Risk Enablement
• Collaborate with Cyber Defense, Incident Response, and the Integrated Risk Management team to ensure cloud security controls support operational and risk objectives.
• Provide input into cloud-related risk assessments, audits, and security reviews.
• Assist with security investigations and incident response activities involving cloud environments.