Senior Cloud Security Engineer

About The Position

Requirements

• 6+ years of experience in cloud security, security engineering, or cloud platform engineering roles.
• Strong hands-on experience securing cloud-native environments (Azure preferred).
• Proven experience with cloud network security, including firewalls, WAFs, network segmentation, and secure connectivity patterns.
• Strong understanding of cloud security architecture, including shared responsibility models, secure service design, and defense-in-depth.
• Experience with preventative security controls, including CSPM, policy enforcement, and secure cloud baselines.
• Solid experience with identity and access management in cloud environments (RBAC, workload identity, service principals).
• Experience contributing to or supporting compliance programs such as FedRAMP, SOC 2, ISO 27001, or NIST frameworks.
• Strong Infrastructure-as-Code skills (Terraform, Bicep, CloudFormation).
• Ability to script or automate using Python, PowerShell, or similar languages.
• Familiarity with CI/CD pipelines and DevSecOps practices.
• Ability to operate independently, own complex problem spaces, and deliver practical, scalable solutions.
• Strong communication skills and comfort providing architecture-level guidance to engineering teams.

Nice To Haves

• Hands-on experience securing Kubernetes environments (AKS/EKS) is a strong plus.

Responsibilities

• Design, build, and maintain secure cloud foundations across Azure, AWS and GCP (with deep expertise in at least one).
• Own and evolve Cloud Security Posture Management (CSPM) capabilities, including policies, guardrails, and automated remediation.
• Engineer and maintain cloud network security controls, including network segmentation and isolation, cloud-native firewalls and security groups, Application Gateway / WAF configurations, and secure ingress and egress patterns.
• Define and enforce security best practices for Kubernetes environments (AKS/EKS), including RBAC, network policies, workload isolation, and cluster hardening.
• Partner with engineering teams to perform security architecture reviews and provide guidance for new services, platforms, and major changes, helping engineering teams design secure solutions that meet security best practices and compliance requirements.
• Engineer and maintain identity and access security controls for cloud and production environments, including least privilege, workload identity, service principals, and conditional access.
• Contribute to FedRAMP and regulated environment readiness, including control implementation, evidence automation, and cross-team coordination.
• Build and operate secure cloud automation using Infrastructure as Code (Terraform, Bicep), CI/CD integrations, and policy-as-code.
• Apply a security lens to FinOps, defining guardrails that balance cost optimization with security and compliance.
• Develop tooling, automation, and self-service workflows that reduce manual effort and improve consistency across security programs.
• Act as a senior technical partner to engineering, IT, and compliance teams, contributing to long-term cloud security strategy and standards.
• Mentor junior engineers and contribute to raising the overall security maturity of the organization.

Benefits

• You’ll be part of a global team on the front lines of cybersecurity innovation.
• At Semperis, we celebrate curiosity, integrity, and people who take initiative.
• If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.