Senior Cloud Security Engineer – FedRamp

This is a fully remote position, open to applicants in Texas.

📋 Description

• Develop, implement, and oversee security best practices and controls for services hosted across AWS, Azure, GCP, and OCI environments.

• Serve as the subject matter expert in security automation, utilizing CloudFormation and/or Terraform to consistently and scalably deploy secure infrastructure.

• Enforce and implement stringent security configuration benchmarks, particularly CIS Level 2 and DISA STIGs, across all computing environments, including various types of Linux and Kubernetes clusters.

• Configure, manage, and enhance cloud-native as well as third-party security tools such as Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls.

• Deploy and manage Web Application Firewalls (WAFs), including F5 and other cloud-native WAF solutions, to safeguard critical applications.

• Incorporate security testing tools (SAST, DAST, SCA) into CI/CD pipelines to facilitate "shift-left" security practices.

• Design and sustain solutions for the secure storage and rotation of credentials, API keys, and secrets using tools like HashiCorp Vault or other equivalent cloud-native services.

• Conduct threat modeling and execute security reviews for new applications and services to proactively identify and address risks during the design phase.

• Participate in a rotating on-call schedule to promptly respond to security incidents and operational challenges.

• Assist in internal and external audits by producing evidence, drafting detailed reports, and delivering clear, concise technical presentations to leadership.

• Work with minimal supervision, proactively identifying and recommending security enhancements while driving projects to successful completion.

⛳️ Requirements

• Over 8 years of progressive experience in IT, with a minimum of 5 years focused on Cloud Security Engineering in a multi-cloud setting.

• Expert-level skills in Infrastructure as Code (IaC) for security automation using Terraform and/or CloudFormation.

• Extensive hands-on experience securing at least three of the following major cloud providers: AWS, Azure, GCP, and OCI.

• Proven knowledge in system hardening using industry standards such as CIS Level 2 and DISA STIGs.

• Significant experience with Linux administration and securing containerization technologies, particularly Kubernetes.

• Practical experience with advanced security platforms, including at least two of the following: Palo Alto Prisma Cloud, Orca, Google SecOps, and Palo Alto Next Generation Firewalls.

• Demonstrated experience with WAF solutions, such as F5 or equivalent cloud-native services.

• Strong understanding of DevSecOps principles, including the integration of security tools into CI/CD pipelines.

• Proven experience with Secret Management solutions (e.g., HashiCorp Vault, AWS Secrets Manager).

• Exceptional written and verbal communication skills, with the ability to produce executive-level reports and deliver technical presentations.

• Proven capability to work independently and take ownership of critical responsibilities.

🏝️ Benefits

• Health insurance

• Remote work options