Cloud Security Engineer

About The Role As a Cloud Security Engineer, you will play a critical role in designing, implementing, and managing the security posture of our cloud infrastructure. You will lead efforts to safeguard sensitive data, ensure regulatory compliance, and embed security into every stage of our cloud development lifecycle. This is a hands-on technical role with strategic influence, working closely with engineering, Dev Ops, and compliance teams. Overview About The Role As a Cloud Security Engineer, you will play a critical role in designing, implementing, and managing the security posture of our cloud infrastructure. You will lead efforts to safeguard sensitive data, ensure regulatory compliance, and embed security into every stage of our cloud development lifecycle. This is a hands-on technical role with strategic influence, working closely with engineering, Dev Ops, and compliance teams.Responsibilities Design, implement, and manage security controls across AWS, GCP, and Azure environments. Ensure secure configuration and continuous monitoring of cloud resources. Micro-services & Container Security Secure micro-services-based architectures, including APIs, service mesh, and container workloads. Apply best practices for Kubernetes security and container orchestration. Integrate security tools and processes into CI/CD pipelines to ensure early detection and prevention of vulnerabilities. Automate security checks and compliance enforcement throughout the deployment lifecycle. Conduct regular threat modeling and risk assessments to identify and mitigate potential vulnerabilities. Translate business risks into actionable security requirements. Analyze logs, network data, and system behavior to detect anomalies and potential breaches. Utilize SIEM tools and custom analytics for proactive threat detection. Vulnerability Management Perform regular vulnerability assessments and penetration testing using industry-standard tools (e.g., Burp Suite, OWASP ZAP, Sonar Qube). Drive remediation efforts and verify the closure of identified vulnerabilities. Security Tooling & Innovation Independently trial, evaluate, and deploy new security tools and technologies. Stay ahead of emerging threats and continuously enhance the security toolset. Server and Edge Hardening Apply best practices for server hardening and secure configuration management. Implement edge security controls including WAF, CDN-based protections, and secure DNS. Security Architecture & Strategy Design scalable and resilient security architectures for cloud-native applications. Contribute to the long-term strategic planning of security engineering initiatives. Governance, Compliance, and Policy Enforcement Ensure adherence to relevant compliance standards such as GDPR, HIPAA, NIST. Define and enforce security policies, procedures, and documentation. Lead incident response efforts, root cause analysis, and forensic investigations. Develop and maintain incident response and disaster recovery plans. Cross-Functional Collaboration Partner with developers, operations, and leadership to embed security into all stages of development and deployment. Educate and support teams on secure coding practices and secure infrastructure provisioning. Performance & Security Optimization Ensure the security controls and solutions do not adversely impact system performance or user experience. Continuously optimize the balance between robust security and operational efficiency. Overview About The Role As a Cloud Security Engineer, you will play a critical role in designing, implementing, and managing the security posture of our cloud infrastructure. You will lead efforts to safeguard sensitive data, ensure regulatory compliance, and embed security into every stage of our cloud development lifecycle. This is a hands-on technical role with strategic influence, working closely with engineering, Dev Ops, and compliance teams.Responsibilities Cloud Infrastructure Security Design, implement, and manage security controls across AWS, GCP, and Azure environments. Ensure secure configuration and continuous monitoring of cloud resources. Micro-services & Container Security Secure micro-services-based architectures, including APIs, service mesh, and container workloads. Apply best practices for Kubernetes security and container orchestration. CI/CD Pipeline Integration Integrate security tools and processes into CI/CD pipelines to ensure early detection and prevention of vulnerabilities. Automate security checks and compliance enforcement throughout the deployment lifecycle. Threat & Risk Analysis Conduct regular threat modeling and risk assessments to identify and mitigate potential vulnerabilities. Translate business risks into actionable security requirements. Log & Data Analysis Analyze logs, network data, and system behavior to detect anomalies and potential breaches. Utilize SIEM tools and custom analytics for proactive threat detection. Vulnerability Management Perform regular vulnerability assessments and penetration testing using industry-standard tools (e.g., Burp Suite, OWASP ZAP, Sonar Qube). Drive remediation efforts and verify the closure of identified vulnerabilities. Security Tooling & Innovation Independently trial, evaluate, and deploy new security tools and technologies. Stay ahead of emerging threats and continuously enhance the security toolset. Server and Edge Hardening Apply best practices for server hardening and secure configuration management. Implement edge security controls including WAF, CDN-based protections, and secure DNS. Security Architecture & Strategy Design scalable and resilient security architectures for cloud-native applications. Contribute to the long-term strategic planning of security engineering initiatives. Governance, Compliance, and Policy Enforcement Ensure adherence to relevant compliance standards such as GDPR, HIPAA, NIST. Define and enforce security policies, procedures, and documentation. Incident Response & Recovery Lead incident response efforts, root cause analysis, and forensic investigations. Develop and maintain incident response and disaster recovery plans. Cross-Functional Collaboration Partner with developers, operations, and leadership to embed security into all stages of development and deployment. Educate and support teams on secure coding practices and secure infrastructure provisioning. Performance & Security Optimization Ensure the security controls and solutions do not adversely impact system performance or user experience. Continuously optimize the balance between robust security and operational efficiency. Qualifications Requirements: Cloud Expertise: Extensive experience with leading cloud infrastructure providers (AWS, GCP, Azure). Micro-services: Comprehensive experience with micro-services architecture. CI/CD Integration: Proven experience integrating security solutions in CI/CD pipelines. Threat Analysis: Expert ability to perform threat and risk analysis and assess business impacts. Log Analysis: Highly proficient in analyzing logs, network data, and other information sources. Vulnerability Tools: Extensive experience with vulnerability assessment tools and conducting audits. Independent Tool Deployment: Strong ability to independently trial and deploy new security solutions. Penetration Testing: In-depth understanding of OWASP, capable of conducting both dynamic and static security testing using tools like Burp Suite, Sonar Qube, OWASP ZAP. Server Hardening: Experience in applying security best practices for server hardening. Edge Security: Proven experience in securing edge servers and networks. Preferred Skills WAF Experience: Deep familiarity with Web Application Firewalls. Kubernetes: Significant experience with Kubernetes for container orchestration and security. Security Architecture: Experience designing and implementing security architecture for large-scale cloud environments. Strategic Planning: Ability to develop long-term strategies for security architecture and engineering. Cross-Functional Collaboration: Experience working with cross-functional teams including developers, operations, and executive leadership to ensure comprehensive security solutions. Automation: Expertise in automating security processes and integrating them into CI/CD pipelines. Compliance and Governance: Strong understanding of compliance standards and governance frameworks (e.g., GDPR, HIPAA, NIST). Incident Response: Experience leading incident response efforts and developing incident response plans. Performance Optimization: Skills in optimizing security performance without compromising functionality or user experience Company Industry Consulting Management Consulting Advisory Services Department / Functional Area Keywords Cloud Security Engineer Disclaimer: Naukrigulf.com is only a platform to bring jobseekers & employers together. Applicants are advised to research the bonafides of the prospective employer independently. We do NOT endorse any requests for money payments and strictly advice against sharing personal or bank related information. We also recommend you visit Security Advice for more information. If you suspect any fraud or malpractice, email us at #J-18808-Ljbffr