Jobs Description:
We are looking for an experienced Cloud Security Engineer to join our technical team. The Cloud Security Engineer will be responsible for designing, implementing and operating security controls across our cloud environments (AWS, Azure and/or GCP), securing containerized infrastructures based on Kubernetes, and integrating security into CI/CD pipelines. This is an ideal opportunity for a profile with a solid mastery of production environments and a strong focus on cloud and application security, wishing to evolve within an advanced technological context.
Responsibilities:
- Design, implement and maintain security architectures and controls for public cloud platforms (AWS, Azure and/or GCP), including network, identity and data protection.
- Define and enforce security baselines and guardrails using Infrastructure as Code tools (e.g. Terraform, CloudFormation, ARM/Bicep).
- Implement and manage Identity and Access Management (IAM), SSO, role-based access control (RBAC) and multi-factor authentication (MFA) across cloud and SaaS services.
- Secure containerized workloads and orchestrators (Docker, Kubernetes), including image scanning, runtime protection and cluster hardening.
- Integrate security into CI/CD pipelines (DevSecOps) with tools for SAST, DAST, dependency scanning and secrets scanning (e.g. integrated with GitLab CI or similar platforms).
- Implement and operate security monitoring and alerting using SIEM, CSPM/CNAPP and cloud-native tools (e.g. CloudTrail, GuardDuty, Security Center, Security Command Center).
- Manage secrets and encryption keys using solutions such as HashiCorp Vault, cloud KMS and secret managers, ensuring secure storage and rotation.
- Perform regular security assessments, threat modeling, vulnerability management and remediation follow-up across cloud services and applications.
- Contribute to incident response activities: detection, triage, investigation, containment and post-incident review.
- Work closely with development, operations and compliance teams to promote security best practices and ensure alignment with internal policies and regulatory requirements.
Requirements:
Degree in computer science, cybersecurity, engineering or a related field.
Between 3 and 5 years of experience as a Cloud Security Engineer, Security Engineer or similar role with significant exposure to public cloud environments.
Hands-on experience with at least one major cloud provider (AWS, Azure or GCP), including use of security services (IAM, KMS, WAF, security groups, policies).
Good understanding of network security concepts (VPC/VNet design, firewalls, WAF, VPN, zero trust, micro-segmentation).
Experience with DevSecOps practices and integration of security controls into CI/CD pipelines (e.g. GitLab CI, GitHub Actions, Jenkins).
Knowledge of container and Kubernetes security (RBAC, Pod Security, network policies, image scanning and secure configuration).
Strong skills in scripting and automation (Bash, Python) to automate security checks, reporting and remediation.
Familiarity with security standards and frameworks (ISO 27001, SOC 2, NIST, CIS benchmarks, and basic GDPR concepts).
One or more relevant certifications are a plus (e.g. AWS Certified Security – Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, CISSP, CCSP).
Strong communication and problem-solving skills, with the ability to collaborate effectively with cross-functional technical and non-technical teams.
If you are a Cloud Security Engineer passionate about securing cloud-native environments, DevSecOps practices and modern infrastructure, we would love to speak with you about this role. Please send your CV and a cover letter to contact@expertnow-consulting.com.