Cloud Security Engineer

The Cloud Security Engineer is responsible for the technical implementation and management of security controls within cloud environments. This role involves hands-on configuration, automation, and monitoring of cloud security tools and infrastructure to protect sensitive data and applications.

• Represent the Information Security team in applicable Cloud Centers of Excellence and/or Steering Committees.
• Design, implement, and maintain secure cloud environments by configuring cloud-native security services, implementing robust security controls, and automating security processes to ensure compliance with industry standards and organizational security policies.
• Engineer and configure technical security controls, including cloud-native firewalls, endpoint protection, intrusion detection/prevention systems (IDS/IPS), and encryption protocols, to proactively defend cloud environments against cyber threats.
• Conduct technical security risk assessments of cloud platforms, utilizing vulnerability scanning and penetration testing tools, and develop and implement automated risk mitigation strategies to reduce potential threats to cloud infrastructure and services.
• Develop, automate, and execute cloud-specific incident response playbooks, integrating SIEM and SOAR tools, to efficiently detect, respond to, and recover from cloud security incidents, including forensic analysis and root cause identification.
• Ensure that cloud environments comply with relevant regulations, standards, and internal governance policies. This includes audits, certifications, and regulatory requirements.
• Guide employees and stakeholders to ensure they are aware of security best practices and understand their role in protecting the cloud environment.
• Stay up to date with the latest security trends, threats, and vulnerabilities and provide recommendations for improving the security posture of the cloud environment.