Cloud Cyber Security Engineer

Job Description

Overview

The Cloud Cybersecurity Engineer is responsible for designing, implementing, and maintaining security controls in cloud environments. This role ensures that cloud workloads, applications, and data remain protected against cyber threats while aligning with organizational and compliance requirements.

1. Cloud Security Architecture & Design

• Develop and implement secure cloud architectures across Azure, AWS, or GCP.
• Design security principles including Zero Trust, network segmentation, identity controls, and encryption mechanisms.
• Evaluate cloud services and recommend secure configurations and hardening strategies.

1. Security Operations & Monitoring

• Monitor cloud environments for suspicious activity using SIEM, CSPM, or CWPP tools (e.g., Microsoft Defender for Cloud, Prisma Cloud, Wiz).
• Investigate security alerts, perform threat analysis, and respond to incidents.
• Conduct regular vulnerability scanning and ensure remediation.

1. Identity & Access Management (IAM)

• Implement and maintain cloud IAM roles, policies, and least-privilege access controls.
• Support identity federation, SSO, and multifactor authentication (MFA).
• Periodically review access logs and perform security audits.

1. Compliance & Governance

• Ensure cloud environments meet compliance standards: ISO 27001, SOC 2, NIST, CIS Benchmarks, or company-specific policies.
• Implement governance controls like tagging policies, resource locks, and security baselines.

1. Automation & Infrastructure Security

• Build automated security controls using IaC (Terraform, ARM/Bicep, CloudFormation).
• Integrate security tooling into CI/CD pipelines (DevSecOps).
• Support secure containerization and Kubernetes cluster security.

1. Incident Response & Forensics

• Support investigations of cloud-related security incidents.
• Conduct root-cause analysis and recommend long-term fixes.
• Maintain incident playbooks and disaster recovery strategies.

Required Skills & Qualifications

• Strong understanding of cloud platforms: Azure / AWS
• Experience with cloud security tools (Defender for Cloud, GuardDuty, Security Hub, Sentinel, etc.).
• Proficiency with networking fundamentals: VPC, firewalls, WAF, VPN, DNS, routing.
• Knowledge of threat modeling and security frameworks (MITRE ATT&CK).
• Handson with scripting (Python, PowerShell, Bash).
• Familiarity with container platforms (Docker, AKS/EKS/GKE).

• Microsoft SC-100, AZ-500
• AWS Security Specialty
• CISSP, CCSP, CEH, or related.

• Strong analytical and problem-solving abilities.
• Ability to work crossfunctionally with cloud teams, developers, and leadership.
• Clear communication and documentation skills.

• 35 years of cybersecurity or cloud engineering experience.
• Experience working in enterprise cloud environments.
• Prefer candidates having experience in public sector.