Job Summary:

•   Partner with engineering, infrastructure, and other security teams to develop, deploy, and maintain secure cloud architectures aligned to internal standards and current best practices. 

•   Implement monitoring capabilities that enable continuous asset inventory and posture assessment across cloud operating environments. 

•   Implement and administer security technology controls (CSPM/ CWPP) across cloud infrastructure. 

•   Secure development lifecycle (SDLC) practices including threat modeling and security testing 

•   Implement security measures in containerization platforms (such as Docker, Kubernetes, or OpenShift) to protect containerized applications and environments. This includes configuring access controls, network policies, container runtime security, and secure image scanning. 

•   Develop and maintain security automation scripts, tools, and frameworks to streamline security processes and integrate them into the CI/CD pipeline. 

•   Automated security testing, vulnerability scanning, and compliance checks to ensure continuous security throughout the software development and deployment process. 

•   Assess data flows across the cloud environment to identify process weaknesses or technology gaps that could result in privacy or security breaches. 

•   Provide guidance and documentation to other teams in adopting and using the tools and components made available to them by the Cloud Security team. 

•   Develop and maintain vulnerability management processes to ensure timely identification and resolution of vulnerabilities. 

•   Participate in incident response efforts and provide technical guidance during security incidents 

Job Requirements:

•   Strong knowledge of cloud computing platforms (AWS, Azure, GCP) and their respective security services and features. AWS or Azure Security certifications preferred. 

•   Proficiency in scripting or programming languages (such as Python, PowerShell, or Ruby) for security automation and integration. 

•   Experience with container security 

•   An understanding of networking and communication protocols (such as TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP) 

•   Understanding of secure software development practices and DevSecOps methodologies. 

•   Experience in designing and implementing security controls for cloud environments, including identity and access management, network security, encryption, and monitoring. 

•   Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO 27001) and their application in cloud environments. 

•   Strong analytical and problem-solving skills to assess and mitigate security risks. 

•   Excellent communication and interpersonal skills to collaborate with cross-functional teams and educate stakeholders on security best practices. 

•   Ability to work independently and manage multiple priorities in a fast-paced environment. 

Education:

Requires a minimum of 7 years of related experience.

Bachelor's degree in computer science, Information Security, or a related field. Relevant certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH) are highly desirable.