Job Description
Are you ready to defend enterprise cloud architecture against elite-level threats?
We are seeking a visionary Lead Cloud Security Engineer to join our high-performing security operations team. In this role, you will architect, implement, and govern cutting-edge security systems across multi-cloud environments. You will partner with DevOps and software engineering teams to embed security into every stage of our software development lifecycle, driving a robust Zero-Trust philosophy.
If you have a passion for proactive threat modeling, automated compliance, and building resilient security postures, we want to hear from you. Discover a collaborative culture that values continuous learning, aggressive career growth, and cutting-edge tech tooling.
Responsibilities
- Architect, build, and maintain comprehensive cloud security controls across AWS and Azure environments.
- Integrate advanced security scanning tools (SAST/DAST) directly into CI/CD deployment pipelines.
- Establish, monitor, and enforce Identity and Access Management (IAM) policies adhering to the principle of least privilege.
- Lead threat modeling exercises and risk assessments for new cloud-native applications and microservices.
- Serve as a primary incident responder for cloud-based security events, performing root-cause analysis and remediation.
- Formulate security policies, architectural standards, and compliance strategies (SOC2, ISO 27001).
Qualifications
- Over 5 years of professional experience in Cybersecurity, focusing on Cloud Security Architecture.
- Deep, hands-on expertise with AWS Security Services (GuardDuty, IAM, Security Hub) and Azure Security Center.
- Strong background in Infrastructure as Code (IaC) security, analyzing Terraform or CloudFormation configurations.
- Active industry certifications such as CISSP, CCSP, or AWS Certified Security - Specialty.
- Solid experience with scripting languages (Python, Bash, or Go) to automate security compliance tasks.
- Exceptional communication skills, with a track record of translating complex technical vulnerabilities into business risk.