Senior Cloud Security Engineer

Overview

The Senior Cloud Security Engineer is a senior technical and leadership position responsible for implementing and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).

This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).

The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute.

Responsibilities

• Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth.
• Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture.
• Deploy and support CSPM platforms to drive continuous visibility, compliance, and risk posture improvement.
• Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively.
• Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms.
• Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect.
• Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities.
• Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting.
• Implement WAF policies and API gateways to safeguard cloud applications and services.
• Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices.
• Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy.
• Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

Qualifications

• Master's Degree and with 2 years of relevant experience in IT or Information security or
• Bachelor's Degree and with 3 years of relevant experience in IT or Information security or
• Associate's Degree and with 5 years of relevant experience in IT or Information security or
• High School Diploma/GED and with 6 years of relevant experience in IT or Information security.

• Master's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 2 years in Information security or Network Security in a senior technical role With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer;
• Experience in cloud security or cloud architecture.
• Experience with CSPM, CWP, AISPM, and API security implementations.
• Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).
• Bachelor's Degree Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology and 3 years in Information security or Network Security in a senior technical role With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer;
• Experience in cloud security or cloud architecture.
• Experience with CSPM, CWP, AISPM, and API security implementations.
• Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).

• Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required.
• Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required.
• Knowledge of IAM, rolebased access control, and policy enforcement, required.
• Experience integrating cloud telemetry and logs with SIEM tools, required.
• Understanding hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required.
• Experience with scripting (Python, PowerShell, Bash) and automation, required.
• Experience with WAF and cloud API gateway configurations, required.
• Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required.
• Experience collaborating with cloud service teams for planning and remediation, required.
• Experience implementing application security best practices and training engineering teams, required.
• Familiarity with CDN operations, certificates, and brand monitoring preferred, required.
• Experience with SIEM integration, telemetry collection, and event analysis, preferred.
• Experience with Container Security, preferred.
• Experience securing API endpoints and implementing advanced cloud application protections, preferred.
• Knowledge of AI/ML data protection and secure model deployment practices, preferred.
• Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred.
• Experience developing and delivering cloud security training and awareness programs, preferred.

• Effective leadership skills
• Demonstrated analytical skills
• Strong written and verbal communication skills
• Develops and delivers effective presentations
• Demonstrated time management and priority setting skills
• Proactively approaches responsibilities

• Driver's License Required

• Ability to push, pull, and lift up to 25 pounds
• Sit or stand to use a keyboard, mouse, and computer for the duration of the workday

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel within Company service territory, approximately quarterly, but also as needed.