Cloud Support Engineer - Security

About The Position

Requirements

• Cloud Certification (Azure Or AWS).
• Minimum 5 years of experience in cloud security, cloud engineering with a primary security focus, or security operations supporting public cloud environments.
• Minimum 3 years of hands-on security experience in AWS and Azure, including implementing IAM, network security controls, logging/monitoring, and policy enforcement; relevant cloud certifications required (AWS and/or Azure).
• Previous experience operating and improving security controls such as CSPM, vulnerability management, SIEM/SOAR, EDR, and incident response processes.
• Hands-on scripting/automation experience (Python, Bash, and/or PowerShell) and Infrastructure as Code concepts to automate security checks and guardrails.
• Excellent communication skills (verbal and written), with the ability to translate security risk into clear technical and business recommendations.

Nice To Haves

• HITRUST and/or other regulated-environment experience (e.g., SOC 2, ISO 27001), including audit support and evidence collection.
• Experience securing Databricks and data platforms (workspace access controls, secret scopes, logging, network controls).
• Infrastructure as Code (IaC) experience, especially Terraform, including policy-as-code/guardrails (e.g., Sentinel/OPA) and standardized secure modules.
• Container/Kubernetes security experience (image scanning, admission controls, runtime protections, and cluster hardening).

Responsibilities

• Provide security guidance for cloud architectures and changes (network segmentation, private connectivity, encryption patterns, key management), and review designs for risk and alignment to standards.
• Implement and maintain least-privilege access using AWS IAM/Organizations and Azure Entra ID/RBAC, including privileged access workflows, role design, service principals, and periodic access reviews.
• Enable and tune cloud-native security signals (e.g., CloudTrail/Config/GuardDuty, Azure Activity Logs/Defender for Cloud/Sentinel) and ensure centralized logging, alerting, and actionable runbooks.
• Drive patching and vulnerability remediation for cloud workloads and platform services; enforce secure configuration baselines and continuously assess drift using CSPM/configuration tools.
• Build guardrails and automate security controls with Infrastructure as Code (e.g., Terraform) and scripting (Python/Bash/PowerShell), including policy-as-code, CI/CD checks, and standardized hardened templates.
• Maintain cloud security standards, support audits (e.g., HITRUST), evidence collection, risk assessments, and exception management; translate control requirements into actionable technical controls.
• Collaborate with cloud/platform teams and application owners to prioritize security work, provide guidance, and deliver secure-by-default patterns without blocking delivery.

Benefits

• Medical, Dental and Vision – Coverage for employees, dependents, and domestic partners
• Employee Assistance Program (EAP) – Confidential support for personal and work-related challenges
• 401(k) Plan – Includes a company matching program and profit-sharing contributions.
• Discretionary Bonus Program – Recognizing employee contributions
• Flexible Spending Accounts (FSA) – Pre-tax savings for dependent care, transportation, and eligible medical expenses
• Paid Time Off (PTO) – Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis
• Holidays – A minimum of 10 paid holidays per year
• Family Building Benefits – Includes adoption and fertility assistance
• Paid Parental Leave – Up to 12 weeks of paid leave for employees who meet eligibility criteria
• Life Insurance & AD&D – 100% of premiums covered by Milliman
• Short-Term and Long-Term Disability – Fully paid by Milliman