Cloud Security Engineer

Job Title: Cloud Security Engineer (AWS & Azure)

Role Overview

The Cloud Security Engineer (AWS & Azure) is responsible for designing, implementing, and maintaining robust security controls across cloud environments. The role focuses on protecting cloud infrastructure, applications, and data by implementing security best practices, monitoring threats, and ensuring compliance with regulatory and organizational security standards. The engineer collaborates with DevOps, IT operations, and security teams to strengthen the organization's cloud security posture and support secure cloud adoption.

Key Responsibilities

Cloud Security Architecture

• Design and implement secure cloud architectures for AWS and Azure environments.
• Develop security frameworks, standards, and best practices for cloud infrastructure.
• Review cloud deployments and ensure they follow security design principles.
• Support secure migration of on-premise systems and applications to cloud platforms.

Identity and Access Management (IAM)

• Implement and manage IAM policies, roles, and permissions across AWS and Azure.
• Enforce least-privilege access models and role-based access controls (RBAC).
• Integrate identity providers such as Azure AD, SSO, and MFA for secure authentication.
• Conduct regular access reviews and ensure proper identity governance.

Data Protection and Encryption

• Implement encryption mechanisms for data at rest and in transit.
• Manage key management systems such as AWS KMS and Azure Key Vault.
• Ensure secure data storage configurations for cloud services and databases.
• Implement data loss prevention and data classification controls.

Security Monitoring and Threat Detection

• Monitor cloud environments using tools such as AWS CloudTrail, Azure Monitor, Defender for Cloud, and SIEM solutions.
• Identify and investigate suspicious activities and potential security threats.
• Implement automated alerting and security monitoring dashboards.
• Conduct vulnerability assessments and remediate security weaknesses.

Incident Response and Security Operations

• Support cloud-related incident response investigations and remediation activities.
• Develop playbooks and procedures for cloud security incidents.
• Work with SOC teams to detect and respond to security threats.
• Perform root cause analysis and implement preventive measures.

Compliance and Governance

• Ensure cloud environments comply with industry standards and regulatory requirements such as ISO 27001, GDPR, SOC2, or similar frameworks.
• Conduct cloud security assessments and compliance reviews.
• Support internal and external audits by providing documentation and evidence.
• Maintain security policies and cloud governance frameworks.

Automation and DevSecOps

• Integrate security controls into CI/CD pipelines and DevOps workflows.
• Automate security checks using Infrastructure-as-Code tools like Terraform or CloudFormation.
• Implement security scanning tools for container and application security.
• Promote DevSecOps practices across development and operations teams.

Required Skills and Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• 37 years of experience in cloud security or cybersecurity roles.
• Strong hands-on experience with AWS and Microsoft Azure security services.
• Knowledge of cloud networking, firewalls, and secure architecture principles.
• Experience with SIEM, vulnerability management, and security monitoring tools.
• Understanding of identity management, encryption, and cloud compliance standards.
• Strong analytical, troubleshooting, and incident response skills.