Job Description

Responsibilities
● The engineer will be responsible for embedding robust security measures throughout the entire technology stack, ranging from infrastructure-as-code to the live cloud environment.
● This role requires the individual to lead projects, provide guidance to engineering teams, conduct in-depth investigations into escalated security events, perform incident triage, and determine root causes.
● Direct cloud security initiatives through collaboration with engineering, product development, and infrastructure teams is a core responsibility.
● Integrating security controls and testing methodologies into Continuous Integration/Continuous Deployment (CI/CD) pipelines is essential to facilitate the early identification and mitigation of vulnerabilities.
● Management of vulnerability discovery and remediation workflows utilizing cloud security tools is required.
● Investigating emerging security threats and developing appropriate detections and proactive controls to secure infrastructure.

Requirements
● A minimum of five years of experience in security engineering, with a specialized focus on cloud and infrastructure security, is mandatory.
● The ideal candidate must possess hands-on experience with cloud-native security tools (e.g., Wiz, Orca, Prisma Cloud), practical application of DevSecOps methodologies, and adherence to established compliance frameworks such as NIST 800-53 and CIS Controls.
● Must have hands-on practical experience with major public cloud infrastructure (AWS/GCP)
● Experience in identifying cloud misconfigurations, performing Infrastructure-as-Code (IaC) scanning, and implementing secure software development lifecycle (SSDLC) practices is required.
● Experience with container and orchestration security mechanisms (e.g., Kubernetes, Docker).
● Prior experience in the design and deployment of detection logic, security controls, and automated guardrails.
● Proficiency in at least one scripting or programming language (e.g., Python, Go, etc.) is required, along with experience in deploying and managing cloud resources via Infrastructure as Code.

Good to have:

● Certifications from SANS, Offensive Security, ISC2, AWS, Azure, or GCP are considered advantageous.