Engineer II Cloud (Security and AI Test Automation Engineer)

About The Position

Requirements

• University or post-graduate degree in Computer Engineering, Software Engineering, Computer Science, Data Science (BS/MS).
• 7 + years relevant experience
• 4+ years in Cloud Security, DevSecOps, AI or Cloud Engineering roles.
• Strong Knowledge of GCP, Azure, AWS.
• Cloud infrastructure as a code - Experience with Terraform, Helm, ARM, JSON, YAML, REGO
• Compliance as Code (CaC)- Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes
• CI/CD Pipelines- Experience with GitHub actions, Jenkins, Terraform, HashiCorp Vault, Nexus
• AI Tools - Experience Azure Open AI, Azure Content Safety, Azure Foundry, Azure AI Builder, GitHub Copilot, M365 Copilot Studio, and AML
• Scripting and Automation- Proficiency in Python, Bash, PowerShell, and automate testing framework.
• Cloud Security & Compliance – Understanding of CIS benchmarks, NIST standards and security frameworks.

Nice To Haves

• Azure fundamentals certification
• Azure security engineer associate
• GCP fundamentals certification
• Experience with multi cloud security testing GCP, Azure and AWS
• Experience with Container security and Kubernetes policy enforcement

Responsibilities

• Automated testing for cloud policies: Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations.
• Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively.
• Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps.
• Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic.
• Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts.
• Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions.
• Continuous Testing & CI/CD Integration: Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates.
• Automate security scanning and validation of terraform deployments with Python.
• Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.
• Cloud Security and Regulatory Compliance enforcement: Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.
• Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2).
• Reporting & Audit Readiness: Implement/test logging and monitoring solutions to detect compliance violations in real time.
• Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni.
• Ensure that all TD Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.

Benefits

• health and well-being benefits
• savings and retirement programs
• paid time off
• banking benefits and discounts
• career development
• reward and recognition programs