Senior Cloud Security Engineer

Wolters Kluwer•New York City, NY

About The Position

The Cloud Security Engineer – FAB supports the security, resilience, and compliance of FAB (Foundation and Beyond) , Wolters Kluwer’s centralized GenAI platform. This role focuses on cloud‑native security controls, DevSecOps automation, and operational security , ensuring that FAB services and workloads are protected throughout their lifecycle. FAB operates as a shared internal platform used by multiple product teams in regulated environments. As a result, this role emphasizes secure cloud configuration, identity and access management, vulnerability management, and security monitoring , working closely with FAB engineering, platform operations, and audit teams.

Requirements

Experience in cloud security, DevSecOps, or infrastructure security in a cloud‑native environment.
Hands‑on exposure to security controls such as IAM, encryption, logging, vulnerability scanning, and network security.
Familiarity with CI/CD pipelines and automated security tooling.
Ability to work collaboratively with engineering and platform teams in a fast‑moving environment.
Strong attention to detail and willingness to learn security practices in regulated environments.

Responsibilities

Cloud & Infrastructure Security Implement and maintain cloud security controls across FAB environments, aligned with WK policies and FAB’s shared responsibility model.
Support secure configuration of cloud resources, including network security, encryption, logging, and monitoring.
Assist in securing hybrid and multi‑cloud FAB deployments supporting platform runtime and integrations.
Identity, Access & Least Privilege Support identity and access management (IAM) practices for FAB, including least‑privilege access, workspace isolation, and secure API access patterns.
Assist with configuration and review of authentication and authorization mechanisms used by FAB services and integrations.
Participate in access reviews and remediation activities as part of security and audit readiness.
DevSecOps & Secure SDLC Contribute to DevSecOps pipelines by supporting automated security checks such as SAST, dependency scanning, IaC scanning, and DAST.
Help triage, track, and remediate security findings generated by CI/CD and cloud security tools.
Partner with engineering teams to ensure security requirements are addressed early in the development lifecycle.
Vulnerability Management & Operational Security Support vulnerability management activities, including review, prioritization, and remediation tracking for FAB assets.
Assist with operational security improvements such as monitoring, alerting, and security logging.
Participate in incident response support and root‑cause analysis under established FAB and /dxg processes.
Compliance, Audit & Assurance Support SOC 2, HIPAA, and other compliance activities by assisting with evidence collection, control validation, and audit preparation.
Participate in security reviews, penetration testing coordination, and follow‑up remediation activities.
Help maintain documentation related to security controls, procedures, and operational readiness.