Senior Security Engineer – Cloud Security

Role Overview
We are seeking a Senior Security Engineer to operate as a core cloud security practitioner within a large enterprise-scale environment. This role focuses on engineering operating and continuously improving cloud security controls across AWS and GCP while adhering to corporate security standards regulatory requirements and risk management processes.

The role is hands-on and execution-oriented with accountability for control effectiveness operational stability and risk reduction working in close partnership with Cloud Platform (GDP) SRE Architecture and GRC teams.


 

Key Responsibilities

Enterprise Cloud Security Controls

• Implement operate and continuously improve enterprise-grade cloud security controls across AWS and GCP organizations.

• Enforce security baselines for accounts/projects networking IAM encryption and logging.

• Maintain alignment with enterprise security architecture policies and control frameworks.

• Support standardized cloud landing zones and guardrails.

Identity & Access Governance

• Design and operate scalable IAM models including role-based access service identities and federated access.

• Enforce least privilege through periodic access reviews CIEM insights and remediation workflows.

• Partner with global IAM and platform teams to ensure consistent access governance across cloud environments.

Security Tooling & Automation

• Operate and tune cloud security platforms (CSPM CIEM CWPP native AWS/GCP services).

• Drive remediation of findings through automation pipelines and infrastructure-as-code rather than manual fixes.

• Contribute to global security practices policies and reusable Terraform components.

Detection Logging & Incident Response

• Ensure comprehensive cloud audit logging telemetry and alerting are enabled and monitored.

• Support investigation and response to cloud-related security incidents following enterprise IR processes.

• Perform root cause analysis and contribute to post-incident improvements and control enhancements.

Risk Management & Compliance Enablement

• Support enterprise compliance programs (e.g. PCI DSS NIST SOC-2) by mapping requirements to cloud controls.

• Participate in threat modeling and risk assessments for cloud services and platforms.

• Provide evidence and technical validation during audits and security assessments.

Engineering Partnership & Enablement

• Act as a trusted security partner to engineering and platform teams.

• Review cloud architecture designs and major changes for security risk.

• Provide authoritative guidance on secure use of AWS and GCP services at enterprise scale.

Qualifications :

Required Experience & Skills

Cloud Security Expertise

• Strong hands-on experience securing AWS and GCP in large multi-account / multi-project environments.

• Deep knowledge of:

  • Cloud IAM federation and access governance

  • Network segmentation private connectivity and perimeter controls

  • Centralized logging monitoring and audit trails

  • Encryption key management and data protection

  • Proven experience with Infrastructure as Code

  • Enterprise Security Operations

  • Experience operating security controls under formal policies standards and risk frameworks.

  • Familiarity with enterprise change management incident response and audit processes.

  • Ability to translate security requirements into implementable & measurable controls.

Professional Attributes

• 7 years of experience in security engineering with a strong cloud focus.

• Demonstrated ability to operate independently as a senior individual contributor.

• Strong written documentation and verbal communication skills.

• Comfortable working across time zones and with globally distributed teams

Remote Work :

No

Employment Type :

Full-time