Key skills
AWSGCPAzureTerraformCloud IAMKubernetesCSPM/CNAPPGit workflowsCI/CDSecurity conceptsCertificationsCommunicationProblem-solvingIAMGitChange ManagementCloud Security
About this role
Rearc is a company committed to empowering engineers to build impactful products and experiences. They are seeking a hands-on Senior Cloud Security Engineer to design, implement, and integrate security tooling across multi-cloud environments while collaborating with security stakeholders and engineering teams to ensure effective remediation and security practices.
Responsibilities:
- Implement and support cloud security tooling integrations across AWS, GCP, and Azure using Infrastructure as Code
- Configure permissions, integrations, and coverage for security platforms (e.g. Wiz)
- Work closely with security stakeholders (CSOC, Threat & Vulnerability Management, central security teams) to:
- Interpret findings
- Assess real-world risk
- Prioritise remediation
- Translate security concepts into clear, actionable guidance for engineering teams
- Participate in infrastructure and application PR reviews as a security-minded cloud SME
- Help standardise secure-by-default patterns that scale across hundreds of teams
Requirements:
- Strong hands-on experience in at least one public cloud (AWS, GCP, or Azure)
- Strong hands-on Terraform experience in public cloud environments, including writing and maintaining modules, managing environments, and reviewing infrastructure changes via PRs
- Solid understanding of cloud IAM concepts (roles, policies, least privilege, cross-account access)
- Experience working with Git-based workflows and PR-driven change management
- Comfort operating in CI/CD environments and reviewing infrastructure changes via PRs
- Working understanding of Kubernetes from a security and infrastructure perspective (e.g. cluster access, workload identity, network exposure, and visibility)
- Working understanding of core security concepts: Risk vs threat vs vulnerability, Security posture and coverage gaps, Impact and prioritisation
- Experience implementing or supporting cloud security tooling, such as: CSPM / CNAPP platforms (e.g. Wiz), Cloud-native security services (e.g. GuardDuty, Security Hub, Defender)
- Ability to articulate security findings clearly: What matters, What doesn't, What needs action now vs later
- Wiz certification
- cloud security certifications (AWS/GCP/Azure Security)