Principal Cloud Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science or a related technical field, or equivalent practical experience.
• 8 + years of experience in the support of security-focused tools and services.
• Minimum of 3 years of experience in support of security for Cloud Architectures.
• Technical experience or understanding of commonly used EDR (e.g., SentinelOne, Carbon Black, Trend Micro, Crowdstrike, Microsoft Defender), network firewall (Palo Alto, Fortinet, AWS Firewall, Azure Firewall, Google Cloud Firewall), email security (Mimecast, Proofpoint), and workforce (O365, G Suite) software, technologies and standards.
• Experience with Azure Security Center, AWS Security Hub, or Google Cloud Security.
• Experience with security monitoring solutions (e.g., AWS CloudTrail, Azure Log Analytics, Google Cloud Audit Logs, SIEM, Cloud Security, or Cloud-Scale Monitoring).
• Experience with securing CI/CD pipelines (e.g., Jenkins, git, CircleCI, TeamCity, Checkov, Fugue, Sentinel).
• Experience with scripting and programming languages such as Python, Bash, Jinja, YAML, etc.
• Comfort working in Linux, Windows, and Cloud Provider CLI.
• Willingness to explore and adopt AI tools responsibly to enhance productivity and innovation in your role

Responsibilities

• Cloud Security Architecture: Design and guide secure architectures across AWS, Azure, and GCP. Define and enforce security baselines aligned with NIST 800-53, HITRUST, and CIS Benchmarks Lead threat modeling, architecture reviews, and secure design guidance for cloud workloads
• DevSecOps & Automation: Build and maintain Infrastructure as Code using Terraform (preferred) and cloud-native tooling Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning, container scanning) Implement policy-as-code guardrails using tools such as AWS SCPs and cloud-native governance services Develop automated remediation and enforcement workflows to reduce manual security effort
• Governance, Compliance & Visibility: Embed compliance controls directly into cloud infrastructure and pipelines to support ATO efforts Partner with compliance teams and auditors on evidence collection and continuous monitoring Implement centralized logging, monitoring, and incident response across cloud environments
• Technical Leadership: Serve as the senior cloud security SME for engineers, architects, and stakeholders Mentor engineers on secure cloud development and DevSecOps practices Translate complex security concepts to both technical and non-technical audiences Provide daily oversight of security operations, to include the security impact analysis of proposed system modifications and implementations. Monitor information security tools, including SIEM, system monitors, access control, and other specific cloud security controls
• Other Job Duties Other duties as assigned by supervisor or HHAeXchange exchange leader.
• Travel Requirements Travel up to 10%, including overnight travel

Benefits

• HHAeXchange offers competitive health plans, paid time-off, company paid holidays, 401K retirement program with a Company elected match, including other company sponsored programs.