Key skills
AWSAzureCloudGoogle Cloud PlatformTerraformGCPGoogle CloudCloudFormationCI/CDTrivyOWASPCloud Security
About this role
Role Overview
- Architect, implement, and continuously improve cloud security posture management across AWS, Azure, and GCP environments supporting hundreds of applications
- Lead the migration from AquaSec to CrowdStrike Falcon CSPM, ensuring continuity of visibility and compliance enforcement
- Establish and maintain compliance with CIS Benchmarks Level 1 standards across all cloud platforms
- Design monitoring and alerting strategies that surface actionable security gaps to both security and engineering teams
- Implement automated security scanning and policy enforcement for Terraform, CloudFormation, and other IaC frameworks
- Integrate tools like CrowdStrike Falcon, Checkov and Trivy into CI/CD pipelines to prevent misconfigurations before deployment
- Embed security controls directly into cloud deployment pipelines using native platform capabilities and third-party tooling
- Partner with DevOps teams to build secure-by-default infrastructure templates and golden paths
- Conduct architecture reviews for new cloud services and deployment patterns
- Identify and prioritize security risks based on business impact, exploitability, and compensating controls
- Manage and optimize cloud-native security tooling including CSPM, CNAPP, and secret scanning solutions
- Build automation to reduce manual security work and improve consistency of controls
- Establish metrics and reporting that demonstrate security posture improvement and compliance trends
Requirements
- 7 to 10+ years of experience in information security with at least 5 years focused on cloud security architecture
- Hands-on experience implementing and operating CSPM solutions in multi-cloud environments
- Proven track record architecting security controls for large-scale cloud deployments (1,000+ resources)
- Experience with CIS Benchmarks implementation and compliance enforcement
- Strong understanding of cloud-native architecture patterns and security implications
- Bachelor's degree in Computer Science, Information Security, or equivalent practical experience
- Relevant cloud security certifications (AWS Certified Security – Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CCSP)
- Experience with CrowdStrike Falcon CSPM or other leading CSPM/CNAPP platforms
- Background in DevSecOps, SRE, or cloud platform engineering
- Familiarity with OWASP SAMM or similar security maturity frameworks
- Prior experience in regulated industries (healthcare, financial services) with SOC 2, HIPAA, or PCI-DSS compliance requirements
- Contributions to open-source security tools or cloud security communities.
Tech Stack
- AWS
- Azure
- Cloud
- Google Cloud Platform
- Terraform
Benefits
- Opportunity for annual cash bonus
- Health / Dental / Vision Benefits Day-One
- 5% matching 401k
- Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!