Remote position || Cloud Security Engineer

Posted 1 week ago by 1762323804

Negotiable
Outside
Remote
USA

Summary: The Cloud Security Engineer role focuses on enhancing cloud security through the evaluation and integration of various security tools, engaging with stakeholders, and enforcing security policies. The position requires hands-on experience with AWS, Terraform, and CI/CD automation, along with the ability to communicate security findings effectively. The role is contract-based and offers a remote working arrangement. The position is classified as outside IR35.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:
Position: Cloud Security Engineer
Location: Remote
Type: Contract
Job Description
Job Responsibilities:
  • Evaluate and integrate security tools (e.g., SCA, SAST, secrets scanning, CSPM, SSPM) through proof-of-concept (PoC) testing and hands-on validation.
  • Engage with client stakeholders to provide expert guidance on cloud and application security best practices.
  • Define and enforce OPA policies to block insecure Terraform deployments in the CI/CD process.
  • Build and maintain dashboards within security tooling to highlight cloud security risks and sensitive data exposure.
  • Interpret and communicate findings from security reports to both technical and non-technical stakeholders to highlight business impact and drive remediation.
Skills and Experience Required:
Required:
  • Strong hands-on experience with AWS cloud platform
  • Strong hands-on experience with Terraform for IaC.
  • Strong hands-on experience with GitHub Actions for CI/CD automation
  • Demonstrated understanding of key security domains: SCA, SAST, CSPM, SSPM, Secret Scanning
  • Ability to clearly articulate the purpose and use cases for these security tools to both technical teams and client stakeholders.
  • Remediate cloud misconfigurations by collaborating with service owners and modifying IaC definitions.
  • Evaluate and integrate security tools (SCA, SAST, secrets scanning, SSPM) through PoCs and hands-on testing.
  • Develop GitHub Actions and workflow templates to automate security scans for projects written in multiple programming languages.
  • Identify accountable teams for legacy or orphaned cloud resources and ensure remediation paths are clearly owned.
Desired:
  • Experience with Kubernetes and Argo CD
  • Familiarity with security and policy enforcement tools such as: OPA, AWS Config / SCP, TruffleHog, Endor Labs, Scalr, Cyera, Noname Security (now Akamai)
  • Prior experience building security dashboards or integrating security reporting into engineering workflows.