Role Overview: As a Cloud Security Engineer, you will be responsible for designing and implementing security controls across our cloud platforms. You will work closely with development and operations teams to integrate security into our cloud architecture, ensuring data protection, threat detection, and compliance with industry standards.

Key Responsibilities: Cloud Security Architecture: Design and implement secure cloud architectures across multiple platforms (e.g., AWS, Azure, GCP). Define security frameworks and best practices to protect cloud resources and applications.

Risk Assessment and Compliance: Conduct comprehensive risk assessments of cloud services and applications. Ensure compliance with industry regulations (e.g., GDPR, HIPAA) and organizational security policies.

Identity and Access Management (IAM): Develop and enforce IAM policies, including role-based access control (RBAC) and least privilege principles. Implement identity federation, SSO, and multi-factor authentication (MFA) across cloud environments.

Threat Detection and Incident Response: Implement security monitoring solutions to detect threats and anomalous behavior within cloud environments. Develop incident response plans and playbooks specific to cloud incidents, ensuring rapid containment and remediation.

Automation and DevSecOps: Integrate security controls into CI/CD pipelines using Infrastructure as Code (IaC) practices. Automate security testing and compliance checks to ensure secure deployments.

Vulnerability Management: Conduct regular security assessments and vulnerability scans of cloud resources. Coordinate with development teams to prioritize and remediate identified vulnerabilities.

Security Awareness and Training: Develop training programs and workshops for engineering and operations teams to raise awareness of cloud security best practices and emerging threats.

Documentation and Reporting: Maintain up-to-date documentation of cloud security policies, procedures, and architecture diagrams. Generate regular reports for stakeholders detailing security posture, incidents, and compliance status.

Continuous Improvement: Stay informed about the latest cloud security trends, tools, and threat intelligence. Proactively recommend and implement improvements to cloud security strategies and practices.

Qualifications:

Experience: 3+ years of experience in cloud security engineering, with a focus on securing cloud environments and applications.

Technical Skills: Proficiency in cloud platforms (AWS, Azure, GCP) and their security services. Experience with security tools such as cloud access security brokers (CASB), SIEMs, and vulnerability scanners.

Knowledge of Security Frameworks: Familiarity with security frameworks and standards such as NIST, CIS, and ISO 27001.

Scripting and Automation: Experience with scripting languages (e.g., Python, Bash) and tools for automating security tasks and integrating security into DevOps workflows.

Certifications: Relevant cloud security certifications (e.g., CCSK, CCSP, AWS Certified Security – Specialty) are preferred.