Own the end-to-end implementation, monitoring, and remediation of security framework benchmarks (including CIS) across AWS and Azure environments.
Conduct regular assessments against security framework controls, identify gaps, and drive remediation plans.
Develop and maintain security baselines, hardening guides, and configuration standards for cloud resources.
Translate security framework requirements into actionable Terraform modules and Infrastructure-as-Code guardrails.
Lead vulnerability identification, assessment, and remediation efforts across cloud infrastructure and workloads.
Develop and maintain risk scoring methodologies to prioritize remediation based on business impact and threat severity.
Coordinate with engineering and operations teams to track remediation progress and ensure timely resolution of identified vulnerabilities.
Assess the current state of IAM across AWS, Azure, and integrated tooling (CI/CD platforms, SaaS applications, identity providers).
Develop and execute a comprehensive IAM maturity roadmap covering least-privilege enforcement, role-based access, service account governance, and access reviews.
Design and implement centralized identity federation, SSO, and conditional access policies across cloud and hybrid environments.
Define and enforce privilege escalation controls, break-glass procedures, and just-in-time access patterns.
Write Python and PowerShell scripts to automate security assessments, remediation workflows, and compliance reporting.
Build and maintain Terraform modules that enforce security controls as code, integrated into CI/CD pipelines.
Serve as the security subject matter expert for cloud architecture reviews and change advisory processes.
Provide guidance and mentorship to Cloud Operations and Engineering teams on security best practices.
Lead incident response activities related to cloud security events and contribute to post-incident reviews.
Requirements
8+ years of experience in cloud security, infrastructure security, or security engineering roles.
Deep hands-on experience with both AWS and Azure security services, architecture, and best practices.
Demonstrated experience implementing and managing security frameworks (e.g., CIS, NIST, SOC 2) at scale in cloud environments.
Strong background in IAM design and implementation, including federation (SAML, OIDC), RBAC, ABAC, and privileged access management.
Proficiency in Python and PowerShell for security automation and scripting.
Hands-on experience with Terraform for infrastructure-as-code, including writing custom modules and policies.
Experience with compliance automation and cloud security posture management (CSPM) tools.
Strong understanding of networking, encryption, secrets management, and cloud-native security controls.
Excellent written and verbal communication skills, with the ability to present security strategies to both technical and executive audiences.
English proficiency of 90% or higher, written and oral (at least B2 level), with excellent communication skills.