Cloud Support Engineer – Security

This is a fully remote position, open to applicants in Texas.

📋 Description

• Conduct Architecture & Design Reviews: Offer security guidance for cloud architectures and modifications (network segmentation, private connectivity, encryption methodologies, key management), and evaluate designs for risk and compliance with standards.

• Identity & Access Management (IAM): Implement and sustain least-privilege access with AWS IAM/Organizations and Azure Entra ID/RBAC, which includes privileged access workflows, role design, service principals, and periodic access reviews.

• Security Monitoring & Detection Engineering: Activate and refine cloud-native security signals (e.g., CloudTrail/Config/GuardDuty, Azure Activity Logs/Defender for Cloud/Sentinel) and ensure centralized logging, alerting, and actionable runbooks.

• Vulnerability & Configuration Management: Lead the patching and vulnerability remediation for cloud workloads and platform services; implement secure configuration baselines and continuously monitor for drift using CSPM/configuration tools.

• Security Automation & DevSecOps: Establish guardrails and automate security controls utilizing Infrastructure as Code (e.g., Terraform) and scripting (Python/Bash/PowerShell), which includes policy-as-code, CI/CD checks, and standardized hardened templates.

• Compliance, Risk & Governance: Uphold cloud security standards, assist with audits (e.g., HITRUST), collect evidence, conduct risk assessments, and manage exceptions; convert control requirements into actionable technical measures.

• Stakeholder Collaboration: Partner with cloud/platform teams and application owners to prioritize security initiatives, provide guidance, and deliver secure-by-default patterns without hindering delivery.

⛳️ Requirements

• The ideal candidate must possess a Cloud Certification (Azure or AWS).

• The ideal candidate must have at least 5 years of experience in cloud security, cloud engineering with a primary focus on security, or security operations in public cloud environments.

• The ideal candidate must have a minimum of 3 years of practical security experience in AWS and Azure, including the implementation of IAM, network security controls, logging/monitoring, and policy enforcement; relevant cloud certifications are required (AWS and/or Azure).

• The ideal candidate must have previous experience in operating and enhancing security controls such as CSPM, vulnerability management, SIEM/SOAR, EDR, and incident response processes.

• The ideal candidate must have hands-on scripting/automation experience (Python, Bash, and/or PowerShell) and knowledge of Infrastructure as Code concepts to automate security checks and guardrails.

• Must have exceptional communication skills (both verbal and written), with the ability to translate security risks into clear technical and business recommendations.

🏝️ Benefits

• Medical, Dental and Vision – Coverage for employees, dependents, and domestic partners.

• Employee Assistance Program (EAP) – Confidential support for personal and work-related challenges.

• 401(k) Plan – Includes a company matching program and profit-sharing contributions.

• Discretionary Bonus Program – Recognizing employee contributions.

• Flexible Spending Accounts (FSA) – Pre-tax savings for dependent care, transportation, and eligible medical expenses.

• Paid Time Off (PTO) – Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis.

• Holidays – A minimum of 10 paid holidays per year.

• Family Building Benefits – Includes adoption and fertility assistance.

• Paid Parental Leave – Up to 12 weeks of paid leave for employees who meet eligibility criteria.

• Life Insurance & AD&D – 100% of premiums covered by Milliman.

• Short-Term and Long-Term Disability – Fully paid by Milliman.