Cloud Security Engineer

About The Position

Requirements

• 5+ years of experience in information security, with strong focus on cloud and SaaS security.
• Hands-on experience with Cloud Security Posture Management (CSPM) in AWS and/or Azure.
• Experience with SaaS Security Posture Management (SSPM) tools such as: CrowdStrike Falcon Shield Palo Alto (SaaS / Prisma-related capabilities) or similar platforms
• Strong understanding of container security and Kubernetes environments.
• Proficiency in scripting and automation (Python, PowerShell, Bash).
• Practical experience with Infrastructure-as-Code (IaC) and Policy-as-Code (PaC).
• Solid understanding of IAM, identity federation, least-privilege access, and SaaS permissions models.
• Ability to work cross-functionally with cloud, DevOps, AppSec, and platform teams.

Nice To Haves

• Experience securing MLOps pipelines and AI-enabled platforms.
• Familiarity with AI Security Posture Management (AI-SPM) concepts and tooling.
• Experience integrating security into CI/CD pipelines.
• Knowledge of cloud-native security services (AWS Security Hub, GuardDuty, Azure Defender, etc.).
• Security certifications such as CISSP, CCSP, AWS/Azure Security certifications.

Responsibilities

• Support SaaS Security Posture Management (SSPM) initiatives across enterprise SaaS platforms.
• Configure, operate, and tune SSPM/CSPM tools to identify misconfigurations, excessive permissions, and risky integrations.
• Support and mature CSPM capabilities across AWS and Azure, including continuous monitoring and risk prioritization.
• Partner with application owners to drive remediation of SaaS and cloud security findings.
• Secure cloud-native workloads across AWS and Azure using native and third-party security controls.
• Support container and Kubernetes security, including image scanning, runtime protections, and policy enforcement.
• Collaborate with DevSecOps teams to embed security controls into CI/CD pipelines.
• Develop and maintain security automation using scripting languages (Python, PowerShell, Bash).
• Implement and review Infrastructure-as-Code (Terraform, ARM, CloudFormation) with a security-first mindset.
• Design and enforce Policy-as-Code (OPA, Sentinel, native cloud policies) to prevent insecure deployments.
• Enable shift-left security by integrating controls early in the development lifecycle.
• Contribute to emerging AI Security Posture Management (AI-SPM) efforts.
• Partner with platform and data teams to assess and secure MLOps pipelines, models, and supporting infrastructure.
• Help define guardrails for AI usage, data access, and model governance.
• Translate technical findings into actionable risk insights for remediation.
• Support audits, risk assessments, and regulatory inquiries related to cloud and SaaS security.
• Stay current on emerging threats, SaaS attack patterns, cloud security trends, and AI security risks.
• Mentor junior team members and influence secure-by-design practices across the organization.

Benefits

• Health, dental, vision and life insurance plans
• 401(k) Savings plan – with generous company matching contributions (up to 6%)
• Voya Retirement Plan – employer paid cash balance retirement plan (4%)
• Tuition reimbursement up to $5,250/year
• Paid time off – including 20 days paid time off, nine paid company holidays and a flexible Diversity Celebration Day.
• Paid volunteer time — 40 hours per calendar year