Cloud Security Engineer V

About The Position

Requirements

• 8+ years of progressive experience in IT, cybersecurity, or cloud engineering, with at least 10 years of hands-on experience in Microsoft Azure security architecture and operations.
• Demonstrated experience in software development or platform engineering, with working proficiency in at least two of the following: Python, PowerShell, Go, Bash, or TypeScript.
• Proven track record of designing and implementing IaC-driven cloud environments using tools such as Terraform, Bicep, or ARM templates.
• Hands-on experience integrating security tooling into CI/CD pipelines (e.g., GitHub Actions, Azure DevOps, GitLab CI) and working within DevSecOps workflows.
• Proven success leading or significantly contributing to data center-to-cloud migration initiatives.
• Success with AI/ML workload security or securing generative AI deployments.
• Bachelor's degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field (or equivalent professional experience).
• At least one active cloud security certification is required: CCSP, CISSP, Microsoft Certified: Cybersecurity Architect Expert (SC-100), AZ-500 (Azure Security Engineer Associate), or equivalent.
• Must have, or be eligible to obtain, a valid driver’s license and driving record within the standards outlined within Hanger’s Motor Vehicle Safety Policy and Procedures.

Nice To Haves

• Additional certifications in cloud engineering, DevSecOps, or AI security are a strong plus (e.g., AZ-305, Terraform Associate, Certified Kubernetes Security Specialist).
• Deep expertise in cloud IAM, including Zero Trust architecture, identity governance, conditional access, privileged access management, and modern authentication protocols.
• Strong knowledge of cloud-native security services and tooling: CSPM, CNAPP, SIEM/SOAR, endpoint protection, and threat intelligence platforms.
• Strong understanding of container and orchestration security (Docker, Kubernetes), including image scanning, runtime protection, and workload isolation.
• Familiarity with security frameworks and standards (NIST CSF, CIS Controls, ISO 27001, SOC 2) and their application in cloud environments.
• Working knowledge of AI-driven security tools and an understanding of how machine learning is applied to threat detection, behavioral analytics, and automated incident response.
• Expertise in data protection strategies including encryption, key management, data classification, and data loss prevention in cloud environments.
• Excellent analytical and problem-solving skills, with the ability to evaluate complex systems and design pragmatic security solutions.
• Flexible and collaborative with a proven ability to build consensus among cross-functional teams and influence technical decision-making.
• Strong written and verbal communication skills, with the ability to present complex security topics to both technical and non-technical audiences.
• Demonstrated ability to mentor engineers and elevate security awareness across an organization.
• Act with integrity in all ways and at all times, remaining honest, transparent, and respectful in all relationships.
• Keep the patient at the center of everything that you do, building lifelong trust.
• Foster open collaboration and constructive dialogue with everyone around you.
• Continuously innovate new solutions, influencing and responding to change.
• Focus on superior outcomes, and calibrate work processes for outstanding results.

Responsibilities

• Design, develop, and implement cloud security architecture solutions in Microsoft Azure aligned with business objectives, technical requirements, and industry frameworks (e.g., NIST CSF, CIS Benchmarks).
• Build and maintain security automation using Infrastructure as Code (IaC) tools such as Terraform, Bicep, or ARM templates to ensure consistent, repeatable, and auditable deployments.
• Architect and implement cloud-native security controls including network segmentation, micro-segmentation, encryption at rest and in transit, and secrets management.
• Partner with IT Infrastructure and Enterprise Architecture teams on the migration strategy for moving on-premise data centers to Microsoft Azure, ensuring environments are secure, compliant, and resilient from day one.
• Evaluate and remediate security risks across hybrid and cloud-native architectures throughout the migration lifecycle.
• Implement and manage Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) tooling to maintain continuous visibility and compliance.
• Collaborate with development and platform engineering teams to embed security into CI/CD pipelines, including static/dynamic code analysis (SAST/DAST), container image scanning, dependency vulnerability scanning, and automated policy enforcement.
• Write production-quality code and automation scripts (Python, PowerShell, Bash, or Go) to build security tooling, automate remediation workflows, and integrate security controls across cloud services.
• Champion secure software development practices across engineering teams, including threat modeling, secure code review, and security architecture assessments.
• Support the adoption of policy-as-code and detection-as-code practices to enforce security standards programmatically.
• Lead the design, development, and implementation of a cloud-based IAM strategy, including Zero Trust principles, least-privilege enforcement, conditional access, and identity governance.
• Manage and optimize identity platforms (e.g., Microsoft Entra ID), role-based access control (RBAC), privileged access management (PAM), and authentication protocols (OAuth 2.0, SAML, OIDC).
• Implement and tune cloud-native monitoring, logging, and alerting using tools such as Microsoft Sentinel or equivalent SIEM/SOAR platforms.
• Develop and enforce cloud security policies, standards, and procedures, and maintain audit readiness for applicable compliance frameworks.
• Stay current with emerging technologies, threat vectors, and industry trends — including AI-driven threat detection, container and serverless security, and evolving regulatory requirements.
• Act as a subject matter expert, providing technical guidance and mentorship to other engineers and cross-functional team members.

Benefits

• Competitive Compensation Packages
• 8 Paid National Holidays & 4 additional Floating Holidays
• PTO that includes Vacation and Sick time
• Medical, Dental, and Vision Benefits
• 401k Savings and Retirement Plan
• Paid Parental Bonding Leave for New Parents
• Flexible Work Schedules and Part-time Opportunities
• Generous Employee Referral Bonus Program
• Mentorship Programs- Mentor and Mentee
• Student Loan Repayment Assistance by Location
• Relocation Assistance
• Regional & National traveling CPO/CO/CP opportunities
• Volunteering for Local and National events such as Hanger’s BAKA Bootcamp and EmpowerFest