Sr. Cloud Security Engineer

About The Position

Requirements

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or equivalent experience.
• 7+ years of hands-on experience in cloud security roles, penetration testing, application security, app development support and ideally in SaaS or HR tech environments.
• Strong expertise with MS Azure security services (e.g., IAM, Key Vault, Auth0, Key Cloak).
• Deep understanding of data privacy, encryption, access management, application security, and secure API design.
• Familiarity with compliance frameworks such as ISO27000, SOC 2, GDPR.
• Experience with security monitoring tools (e.g., SIEMs, CSPM solutions).
• Scripting skills (Python, Bash, PowerShell) for automation of security tasks.

Nice To Haves

• Certifications like AWS Certified Security Specialty, Azure Security Engineer Associate, CISSP, or CCSP.
• Experience securing containerized applications (Docker, Kubernetes) and serverless environments.
• Knowledge of Infrastructure as Code (Terraform, CloudFormation) and its security implications.
• Prior experience working with HRIS (Human Resources Information Systems) or similar data-sensitive platforms.

Responsibilities

• Design, implement, and maintain security controls for cloud environments Azure & AWS
• Conduct advanced penetration testing across cloud workloads, APIs, and containerized environments to identify vulnerabilities and validate application security controls.
• Lead application security reviews, including threat modeling, static/dynamic analysis, secure code review, and remediation guidance.
• Partner closely with the development and DevOps teams to integrate security into CI/CD pipelines, provide secure-coding best practices, and support product teams during architecture/design.
• Architect, implement, and optimize security controls across AWS/Azure/GCP environments (IAM, VPC, KMS, WAF, Secrets Management, Logs).
• Strengthen security across Azure workloads, data, and identities using tools like Microsoft Defender for Cloud, SentinelOne, Purview, and SonarQube.
• Collaborate with and support DevOps and Engineering teams to integrate security into the software development lifecycle (DevSecOps).
• Manage network and web application firewalls to protect internal systems and applications.
• Integration of SIEM and IDS solutions with cloud monitoring tools for real-time alerting and automated remediation.
• Work with our SOC to ensure appropriate logging and alerting are configured and administered. Review Alerts and ensure timely resolutions are conducted.
• Build and monitor systems and security dashboards to ensure availability and potential issues are addressed immediately.
• Participate in ISO 27001 SOC 2, or CIS benchmark security program and audits. Conduct regular security assessments, vulnerability scans, and cloud configuration audits.
• Monitor and respond to security incidents, anomalies, and potential threats in our cloud environment and applications.
• Develop and automate security controls, guardrails, and incident response playbooks.
• Stay current on the latest cloud security trends, HR data protection laws, application security, and SaaS security best practices.

Benefits

• Flexible PTO
• Your birthday off and a day for you to volunteer and give back to the organization of your choice
• Generous Parental Leave Program
• Growth and development opportunities with access to a top learning content provider
• The opportunity to challenge yourself in a high-performing organization and leave each day knowing you have made an impact.