Cloud Security Engineer

Axis Capital Holdings-posted 3 months ago
$125,000 - $165,000/Yr
Full-time • Mid Level
New York, NY
1,001-5,000 employees
Management of Companies and Enterprises
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

We are looking for a forward-thinking Cloud Security Engineer to join our cybersecurity team and lead the design, implementation, and continuous improvement of our cloud security posture. This role is deeply technical and strategic, focusing on securing cloud-native architectures, enforcing policy-as-code, and embedding defense-in-depth principles across multi-cloud environments. You will work closely with cloud architects, DevOps, and application teams to ensure that security is built into every layer of our cloud infrastructure-from identity and access to workload protection and network segmentation.

  • Develop and maintain secure, scalable, and resilient cloud architectures aligned with industry frameworks such as CIS Controls and MITRE ATT&CK for Cloud.
  • Define and implement hardened configurations for computing, storage, networking, and identity services across all cloud environments using security benchmarks and policy-as-code.
  • Engineer, Architect and enforce robust identity and access management (IAM) models, including role-based access control (RBAC), attribute-based access control (ABAC), and least privilege principles.
  • Apply layered security controls across identity, network, data, and application layers to reduce attack surface and improve detection and response capabilities.
  • Use Infrastructure as Code (IaC) and policy-as-code to automate the deployment and enforcement of security controls, ensuring consistency and auditability across environments.
  • Work with development teams in architecture design and review sessions.
  • Provide specific security expertise on cloud platforms including areas such as IAM, secure storage access, authentication methods, encryption, logging and monitoring, and application security.
  • Perform proactive threat modelling and architecture reviews for new cloud initiatives, identifying risks and recommending mitigation strategies early in the design phase.
  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
  • Develop technical solutions and security tools to help mitigate security vulnerabilities and support efficient operations on cloud platforms.
  • Integrate security into DevOps pipelines by embedding configuration scanning, secrets detection, and compliance checks into build and deployment processes.
  • Represent cybersecurity within Enterprise Architecture and Platform Engineering forums to ensure projects and designs are based on internal and industry best security practices.
  • Stay current with evolving threats, vulnerabilities, and best practices in cloud security; lead initiatives to improve posture through automation, tooling, and process refinement.
  • Bachelor's degree in computer science, Information Systems, Engineering or similar or equivalent work experience.
  • 5+ years of experience in security engineering, architecture, or DevSecOps roles on Cloud platform.
  • Strong knowledge and hand on experience with cloud computing concepts, particularly Microsoft Azure PaaS, IaaS.
  • Experience in CNAPP, CSPM, and CWPP platforms.
  • Knowledge of frameworks and standards, such as NIST Cybersecurity set of frameworks, CIS, ISO, MITRE and OWASP.
  • Experience with application architectures and technology like API's, Docker, Kubernetes, and microservices.
  • Hands on experience on the cloud console and configuration settings for cloud services.
  • Strong communication and collaboration skills, with the ability to influence engineering teams and articulate security risks to both technical and non-technical stakeholders.
  • Proficiency in scripting or automation (Python, Bash, PowerShell) and IaC tools (Terraform, CloudFormation, ARM).
  • Experience with container and Kubernetes security (e.g., EKS, AKS).
  • Preferred Security Certifications: CISSP, CCSP, AWS/Azure/GCP Security Specialty certifications (AZ-500, AZ-300).
  • Comprehensive and competitive benefits package including medical plans for you and your family.
  • Health and wellness programs.
  • Retirement plans.
  • Tuition reimbursement.
  • Paid annual leave.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Cloud Security Engineer Resume Examples
Cloud Security Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service