Cloud Security Engineer

About The Position

Requirements

• In-depth understanding of Microsoft Azure and Entra ID, including conditional access, PIM, and Defender for Cloud
• In-depth understanding of Google Cloud Platform (GCP) security services, including Security Command Center, IAM, and VPC Service Controls
• In-depth understanding of Amazon Web Services (AWS) security services, including IAM, GuardDuty, Security Hub, and AWS Config
• In-depth understanding of Cloud identity and access management principles and zero trust architecture
• Working knowledge of Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP)
• Working knowledge of Infrastructure-as-Code (IaC) tools such as Terraform, Bicep, or CloudFormation
• Working knowledge of Networking concepts as applied to cloud environments (VPCs, peering, private endpoints, firewalls)
• Working knowledge of SIEM and EDR technologies in cloud-integrated environments
• Experience with CI/CD pipeline security and DevSecOps practices
• Experience with Organizing or supporting penetration testing, purple team exercises, or cloud-focused security assessments
• Experience with Compliance frameworks relevant to cloud environments (e.g., CIS Benchmarks, NIST CSF, SOC 2)
• Moderate experience with Scripting and automation using Python, PowerShell, or Bash
• Moderate experience with Automation via tools such as Power Automate, Logic Apps, or cloud-native orchestration services
• A bachelor's degree in Information Technology, Computer Science, or a similar field of study, or equivalent experience.
• 3+ years of hands-on experience in cloud security engineering or a related role, with demonstrable experience across at least two of the three major cloud platforms (Azure, GCP, AWS).
• Relevant cloud security certifications preferred (e.g., AZ-500, SC-100, Google PCSE, AWS Security Specialty).
• A passion for learning about cloud security, emerging technologies, and threat landscapes.
• Excellent verbal and written communication skills.
• Strong time management and organizational skills.
• Punctuality and timely attendance to external client and internal stakeholder needs.

Responsibilities

• Design, implement, and maintain cloud security architectures across Azure/Entra ID, GCP, and AWS environments.
• Administer and continuously improve cloud identity and access management (IAM) policies, roles, and privilege models across all three platforms.
• Monitor cloud environments for misconfigurations, threats, and vulnerabilities using cloud-native and third-party security tooling (e.g., Defender for Cloud, Security Command Center, AWS Security Hub).
• Operationalize cloud vulnerability and patch management processes, ensuring timely remediation of identified risks.
• Implement and maintain Cloud Security Posture Management (CSPM) solutions to enforce security baselines and compliance standards.
• Develop and enforce cloud security policies, standards, and guardrails (e.g., Azure Policy, GCP Organization Policies, AWS SCPs).
• Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines and infrastructure-as-code (IaC) workflows.
• Conduct cloud security assessments and architecture reviews for new and existing environments.
• Support incident response activities related to cloud infrastructure, including investigation, containment, and remediation.
• Create and maintain technical documentation for cloud security architectures, configurations, and operational procedures.
• Research and evaluate emerging cloud security technologies and provide recommendations for adoption.
• Develop detection content and security analytics in SRA's internal SOC applicable to cloud environments.

Benefits

• Robust internal training program
• Company-paid external training
• Free mental health support
• Generous medical, dental, and vision benefits
• Company-paid disability and life insurance
• Company 401(k) plan including annual 3% safe harbor contribution
• Free patient advocacy service
• Free financial advising
• Generous parental leave, sick leave, and vacation policies
• Possibility to work remotely or with a flexible schedule
• Company-paid cell phone with discounted accessories
• 1-2-3 Give Program: SRA will give $1,000 to a charity of your choice, and match additional employee contributions up to $1,000.
• Discounted, employee-paid benefits including pet insurance, legal support, and voluntary life insurance.