Cloud Security Engineer – OPA/REGO

Job Title

Cloud Security Engineer Manager / Senior Manager / Associate Director

Location

Mumbai, Bangalore, Chennai, Delhi NCR, Bhubaneswar, Coimbatore

Experience

710+ Years (relevant cloud security experience)

Notice Period

Immediate / Early Joiners Preferred

Role Overview

We are seeking a seasoned Cloud Security Engineer at Manager to Associate Director level to lead and strengthen cloud security initiatives across multi-cloud environments . The role demands deep hands-on expertise in policy-as-code , cloud security posture management, and infrastructure security automation within fast-paced consulting engagements.

This position is hands-on, delivery-oriented , and requires close collaboration with cloud engineering, DevOps, and platform teams to embed security controls by design.

Key Responsibilities

Cloud Security & Governance

• Design, implement, and govern cloud security controls across Azure and GCP environments
• Define and enforce cloud security guardrails aligned with enterprise and regulatory requirements
• Identify cloud misconfigurations, excessive permissions, and security gaps across workloads

Policy-as-Code (Critical Skill)

• Develop, maintain, and optimize policy-as-code frameworks using OPA / Rego
• Enforce governance across cloud resources, Kubernetes, and Infrastructure-as-Code (IaC)
• Build reusable, scalable Rego policies and manage policy exceptions and approvals

Cloud Security Tooling

• Implement and operate Wiz CNAPP for CSPM, risk prioritization, exposure management, and remediation
• Translate Wiz findings into actionable remediation plans with engineering teams

Infrastructure & Automation

• Secure and validate IaC using Terraform and/or AWS CloudFormation
• Automate cloud governance using Cloud Custodian or similar policy automation tools
• Integrate security controls into CI/CD pipelines to enable shift-left security

Stakeholder & Consulting Engagement

• Partner with cloud, DevOps, and platform teams to embed security into delivery pipelines
• Drive cloud hardening standards and best practices across engagements
• Support audits, risk assessments, and compliance initiatives related to cloud security

Required Skills & Experience

• 710+ years of experience in cloud security or cloud infrastructure security
• Mandatory hands-on experience with Azure and GCP (multi-cloud exposure required)
• Expert-level proficiency in OPA / Rego for policy-as-code (non-negotiable)
• Proven experience implementing and operating Wiz CNAPP
• Strong hands-on experience with Terraform and/or AWS CloudFormation
• Experience with Cloud Custodian or similar cloud governance automation tools
• Solid understanding of:
• Cloud IAM and identity governance
• Network security and segmentation
• Workload and container security
• Data protection and encryption
• Ability to work in onsite, consulting-driven environments with multiple stakeholders