Lead Cloud Security Engineer

Job Description

&

Job Summary

We are seeking a Lead Cloud Security Engineer to design, implement, and maintain a secure, scalable, and resilient cloud infrastructure.&

This role focuses on strengthening access control, threat detection, data protection, and compliance in AWS and/or Azure environments.&

The ideal candidate will have expertise in cloud-native security tools, automation, and DevSecOps integration while collaborating with cross-functional teams to enforce security best practices.

&

Key Responsibilities

Identify and assess security risks, communicate threats to stakeholders, and implement remediation strategies.

Design and maintain preventive and remediation controls across AWS and Azure.

Apply security frameworks, including CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), and Microsoft Cloud Security Benchmark (MCSB).

Track and report on the effectiveness of AWS/Azure detective controls and third-party security solutions (e.g., Wiz).

Develop security processes, cloud policies, and standards to ensure proactive threat response.

Assist teams in integrating security into CI/CD pipelines and workflows.

Implement security automation to improve security posture.

Conduct security audits and ensure compliance with industry regulations (e.g., GDPR, HIPAA).

Maintain and manage cloud security documentation.

Work with developers, architects, and operations teams to enforce security best practices.

Lead training sessions and workshops on AWS and Azure security.

Stay updated on emerging cloud security trends and integrate innovative solutions.

&

Required Qualifications

Strong experience in AWS and/or Azure security services.

Hands-on expertise with AWS: IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, Config, Automated Security Remediation and Azure: Entra ID, Cloud Defender.

Experience securing containers and Kubernetes.

Strong network security skills (e.g., securing virtual networks, firewalls, governance, subnets).

Knowledge of IaaS resource patching and container image scanning.

Familiarity with third-party security tools (e.g., Cloud Custodian, Stacklet).

Experience managing hybrid cloud environments.

Proficiency in Python, Terraform, AWS Lambda, Azure Functions.

Hands-on experience with Infrastructure as Code (IaC) tools (e.g., Terraform).

Experience implementing policy-as-code solutions using GitHub Copilot, AWS Code Whisperer.

Knowledge of cloud security compliance frameworks (CIS, AWS/FSBP, Microsoft/MCSB, GDPR, HIPAA).

Expertise in embedding security within DevOps workflows and CI/CD pipelines.

Hands-on experience with GitHub, Azure DevOps, PowerShell, Bash, AWS/Azure CLI.

Familiarity with container security in AWS/Azure.

Strong analytical mindset to assess complex security challenges.

Ability to effectively communicate security concepts to technical and non-technical stakeholders.

Collaborative mindset for working in federated operating models.

Commitment to continuous learning in security best practices and emerging technologies.

&

Preferred Certifications

AWS Certified Security – Specialty

AWS Certified DevOps Engineer - Professional

Microsoft Certified: Azure Security Engineer Associate

Microsoft Certified: DevOps Engineer Expert

CISSP, CCSP, or equivalent industry certifications

Full-time

Fully remote