WTW is a company focused on enhancing security in multi-cloud environments. The Senior Cloud Security Engineer will play a key role in managing and optimizing cloud security tools, conducting risk assessments, and collaborating with various teams to ensure compliance and effective incident response.
Responsibilities:
- Serve as the subject matter expert for WTW's CSPM and CWPP tools, managing daily operations, integrations, and ongoing optimization
- Administer, maintain, fine-tune, and automate threat and vulnerability management in the cloud using the CSPM solution
- Continuously refine detection rules and operational alerts within WTW’s broader cloud security platforms to improve signal-to-noise ratio and enhance incident response effectiveness
- Implement and manage Cloud Security Tools
- Leverage CSPM insights to identify emerging threats and misconfigurations in cloud environments (AWS, Azure, GCP)
- Work with internal Security, DevOps, and Engineering teams to ensure compliance and remediation of cloud security findings
- Conduct cloud security risk assessments and drive remediation based on findings
- Develop dashboards and reports using Cloud tools to measure cloud security posture, effectiveness, and trends
- Maintain and enhance security monitoring, logging, and incident response capabilities for cloud environments (AWS, Azure, GCP)
- Support the administration and management of security tools within the Security Engineering team
- Create technical documentation and deliver enablement sessions to enhance security awareness and practices within engineering teams
Requirements:
- 5+ years of experience in Information Security, Cloud Security, or Security Engineering
- Strong understanding of Azure configuration for securing resources and knowledge of compliance standards such as CIS, NIST, and ISO
- Proficiency in CSPM tools such as Microsoft Defender for Cloud, Wiz, Orca, Check Point CloudGuard, or similar
- Strong understanding of cloud security frameworks and standards (CIS, NIST, CSA, MITRE ATT&CK)
- Experience with cloud-native security controls, including IAM, KMS, VPC security, encryption, logging, and monitoring
- Experience with SIEM/analytics tools (e.g., Microsoft Sentinel, Splunk), particularly in the context of policy configuration, fine-tuning, and SOAR platforms
- Functional knowledge of PowerShell, Azure Automation, Kusto Query Language (KQL), and Terraform
- Deep understanding of CI/CD pipelines and integrating security into DevOps workflows
- Proven ability to deploy, configure, and maintain CSPM and CWPP tools in production environments
- Strong communication and collaboration skills, with proven experience working in cross-functional global teams
- Strong problem-solving and critical thinking skills for addressing security issues and finding effective solutions
- Outstanding written and verbal communication skills
- Ability to work both independently and collaboratively in a fast-paced environment
- Strong communication skills, with the ability to explain security concepts to non-technical stakeholders
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- CompTIA Security+ / CySA+ / CASP+
- Any other relevant cloud security certifications