
Senior Cloud Security Consultant – JAPAC
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in Australia.
• Perform cloud security evaluations across various environments, with a primary focus on AWS and Azure: assessing configurations, identity architectures, network exposure, and potential attack paths to identify significant risks.
• Create and implement detection logic and alerting mechanisms for cloud control plane activities, identity-based threats, and misconfiguration-related exposures using cloud-native and third-party security platforms.
• Develop automation tools to enhance assessment efficiency, extract and correlate data from extensive datasets, and transform repeatable analyses into reusable resources for the team.
• Collaborate with our Red Team during Purple Team exercises: evaluate customer detection and response capabilities and provide actionable recommendations based on identified gaps.
• Work alongside internal delivery teams to convert assessment results into deployable detection content.
• Generate clear and high-quality reports and presentations tailored for both technical and executive audiences.
• Manage client engagements from initial scoping through to delivery, ensuring stakeholders remain well-informed throughout the process.
• Contribute to the advancement of our service offerings through the development of methodologies, contributions to tools, and public-facing thought leadership.
• Extensive hands-on experience with AWS and Azure, covering identity, compute, networking, storage, serverless, and logging and monitoring services.
• A thorough understanding of cloud architecture patterns and the common points where security assumptions fail in practice.
• Experience with GCP is advantageous but not essential.
• Proven experience in creating effective detection content: formulating queries, developing alerting logic, and filtering out noise in cloud-native and third-party SIEM/XDR environments.
• Familiarity with the operational methods of threat actors within cloud environments, with the capability to translate this knowledge into effective detections.
• Experience in tracing the chain of misconfigurations that lead to realistic attack paths.
• Knowledge of prevalent cloud attack patterns such as privilege escalation, lateral movement, persistence, and data exfiltration.
• Proficiency in scripting with Python or a similar language, comfortable in building tools to automate assessment tasks, work with large datasets, and enhance existing frameworks.
• Experience writing queries across platforms like KQL, SPL, or cloud-native query engines.
• Strong written and verbal communication skills in English.
• Proficiency in additional languages is a significant advantage, especially Mandarin, Japanese, Hindi, or Thai.
• Bachelor's degree or higher with 10+ years of professional experience.
• Cloud security certifications are beneficial indicators of practical platform knowledge.
• Industry-leading compensation and equity awards.
• Comprehensive wellness programs focused on physical and mental health.
• Competitive vacation and holiday policies for relaxation and rejuvenation.
• Paid parental and adoption leave.
• Opportunities for professional development available to all employees, regardless of level or role.
• Employee Networks, geographic community groups, and volunteer opportunities to foster connections.
• A vibrant office culture with world-class amenities.
• Recognized as a Great Place to Work Certified™ globally.
ESA - Electronic Security Association
DKB Code Factory GmbH
Aledade, Inc.
Toyota North America
Get handpicked remote jobs straight to your inbox weekly.