Cloud Security Engineer
Description:
Job Location - Sterling, VA (Hybrid - 3 Days Onsite)
Type - Contract (6 Months)
Pay Rate - $87.00 - $92.00 Per Hour
The Cloud Security Engineer is a hands-on technical security professional responsible for designing, implementing, and operating cloud security controls across Warner Bros. Discovery's public cloud environments, with a primary focus on Google Cloud Platform (GCP).
Job Responsibilities / Typical Day in the Role
Serve as a hands-on Cloud Security Engineer focused on securing enterprise-scale GCP environments.
Design, implement, and operate cloud vulnerability management processes across compute, container, serverless, and platform services.
Leverage and manage CSPM/CNAPP platforms (e.g., Wiz, Orca, Prisma Cloud) to identify misconfigurations, prioritize risk, and drive remediation efforts with engineering teams.
Develop automation and security tooling using Python (preferred) or similar scripting languages to improve detection, remediation, and reporting capabilities.
Partner with engineering and DevOps teams to integrate security controls into CI/CD pipelines and infrastructure-as-code workflows.
Review and harden GCP configurations, including IAM, networking, logging, storage, and container environments.
Support security assessments of AI/ML workloads and cloud-native data platforms; contribute to proof-of-concept initiatives related to AI/ML security where applicable.
Collaborate with cross-functional teams to remediate vulnerabilities identified through CSPM tools, scanners, and cloud-native security services.
Contribute to the development and maintenance of cloud security standards, configuration baselines, and operational documentation.
Support multi-cloud security initiatives, including AWS and Azure environments where required.
Stay current with emerging cloud threats, vulnerability trends, and advancements in cloud security tooling.
GCP Cloud Security Engineering & Hardening - 15%
Cloud Vulnerability Management (analysis, prioritization, remediation coordination) - 30%
CSPM/CNAPP Operations & Risk Reduction - 10%
Security Automation & Python Development - 15%
CI/CD & DevSecOps Integration - 10%
Architecture Reviews & Engineering Collaboration - 10%
AI/ML & Emerging Technology Security Support - 5%
Documentation & Continuous Learning - 5%
Must Have Skills / Requirements
Strong knowledge and practical experience in Cloud Vulnerability Management
7+ years of experience; Vulnerability identification, prioritization, risk assessment, and remediation coordination across cloud workloads and services.
Demonstrated hands-on experience with AWS and GCP.
7+ years of experience; Cloud experience within a production environment.
Hands-on experience with at least one CSPM/CNAPP platform
3+ years of experience; (e.g., Wiz, Orca, Prisma Cloud, Lacework, or equivalent)
Nice to Have Skills / Preferred Requirements
Cloud security certifications such as:
GCP Professional Cloud Security Engineer
AWS Security Specialty or Solutions Architect
Azure Security Engineer or Solutions Architect
Experience with AI/ML platforms and securing machine learning workloads; prior proof-of-concept or project experience is a plus.
Knowledge of AWS and/or Azure security services and architecture.
Familiarity with Oracle Cloud Infrastructure (OCI).
Experience integrating security tooling with platforms such as Slack, Jira, and CI/CD pipelines.
Experience with SIEM and observability platforms (e.g., Splunk).
Azure Experience is a plus.
Experience with Brinqa.
Soft Skills:
Excellent written and verbal communication skills with the ability to collaborate effectively with engineering and security stakeholders.
Technology Requirements:
Demonstrated hands-on experience securing Google Cloud Platform (GCP) environments in production.
Strong knowledge and practical experience in Cloud Vulnerability Management, including vulnerability identification, prioritization, risk assessment, and remediation coordination across cloud workl