Cloud Security Engineer

About The Position

Requirements

• Cloud Platforms: Good understanding of AWS, Azure, and GCP is required, though deep domain expertise is not a prerequisite.
• Cybersecurity: Understanding of cybersecurity and compliance concepts and framework adherence (e.g., NIST, ISO, FedRAMP).
• Education: A Bachelor's or Master’s degree in computer science, software engineering or a related field is preferred.
• Containers & Orchestration: Experience with Containerization (Docker) and orchestration using Kubernetes .
• Software Engineering: Ability to develop code and automation scripts in Python, JavaScript/NodeJS, Bash , or Azure CLI .
• CI/CD & DevOps: Knowledge of containerized software deployments using AzureDevOps Pipelines or GitHub Actions .
• Version Control: Knowledge of version control practices ( GIT ).
• Systems & Monitoring: Basic Linux system administration skills and familiarity with the Elastic stack .
• Network Security: Understanding of network protocols, topologies, and firewall/WAF configuration and use.
• Quick learning: Curiosity and ability to quickly learn new technologies and security practices as the cloud landscape evolves.
• Atleast 5+ years of experience as a Cloud Security / DevSecOps Engineer with a strong background in cloud platform and cybersecurity.
• Must be a U.S. Citizen
• Must be able to obtain background clearance as required by government customer.

Nice To Haves

• Experience with Kyverno policy management.
• Familiarity with tools used to secure cloud and containerized deployments such as Wiz or Prisma Cloud .

Responsibilities

• Security Posture Management: Serve as a member of the team responsible for monitoring and assessing the security posture of cloud infrastructure and deployments across AWS, Azure, and GCP .
• Infrastructure Protection: Deploy and maintain security capabilities, including CNAPP, Vulnerability detection , WAF, and firewalls.
• Automation: Develop tools for automated self-verification of security functions and support automated inventory and security alerting.
• Compliance: Support compliance assessments for various industry standards, including NIST 800-53, OWASP, GDPR, ISO, and SOC 2 .
• Incident Collaboration: Collaborate on detection rules and assist with incident response, occasionally serving as an Incident Coordinator.
• Continuous Improvement: Stay abreast of security technology evolution and provide recommendations to enhance the overall security posture.

Benefits

• Incentive Bonus Plans
• Medical, Dental, Vision benefits
• 401K with Company Match
• 10 Paid Holidays
• Generous Paid Time Off Packages
• Employee Stock Purchase Plan
• Paid Parental & Family Leave