Key skills
AWSAzureGCPCI/CDRisk ManagementNetwork SecurityCloud Security
About this role
Sheetz is focused on enhancing its cloud security posture, and they are seeking a Cloud Security Engineer III to design and implement secure cloud solutions. This role involves collaborating with various teams to integrate security controls, respond to incidents, and ensure compliance with best practices across multi-cloud environments.
Responsibilities:
- Design and architect scalable, resilient cloud security solutions that align with organizational risk tolerance, regulatory requirements, and industry best practices
- Serve as the subject matter expert (SME) for cloud security across AWS, Azure, and GCP, providing guidance on identity and access management, network security, data protection, logging, and monitoring
- Lead cloud-based security incident response efforts, including detection, investigation, containment, remediation, and post-incident analysis
- Integrate security controls into CI/CD pipelines by implementing secure build, test, and deployment practices, including automated security testing and policy enforcement
- Review Infrastructure-as-Code (IaC) templates and configurations to ensure secure design patterns, compliance with standards, and prevention of misconfigurations
- Evaluate, recommend, and deploy cloud security tools and services (e.g., CSPM, CWPP, CIEM, SIEM integrations) to enhance visibility, threat detection, and risk management
- Collaborate closely with platform engineering, DevOps, architecture, and compliance teams to embed security into cloud solutions without impeding delivery velocity
- Conduct cloud risk assessments and threat modeling for new and existing services, identifying vulnerabilities and recommending mitigation strategies
- Drive remediation of complex cloud security issues by prioritizing risk, coordinating cross-functional efforts, and validating corrective actions
- Develop, document, and maintain cloud security standards, policies, reference architectures, and best practices to ensure consistent and secure cloud adoption
- Maintain up-to-date, in-depth knowledge of the cloud security landscape, including emerging threats, attack techniques, regulatory changes, and evolving security technologies
- Participate in an on-call rotation to provide evening and weekend support as needed. As Sheetz operates 24/7/365, internal and external customers may require support at any time
Requirements:
- Bachelor's degree in Computer Science, Engineering or related field required
- Minimum 5 years of hands-on experience in cloud cybersecurity roles, with at least 3 years in Cloud Security Engineering required
- Previous exposure utilizing cloud provider native security solutions in at least one of AWS, GCP, or Azure required
- Maintain a continuous personal professional development program; this level requires CISSP certification and commitment to pursue additional training or certifications in risk, security, governance, compliance (e.g., CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP, GICSP, GMOB, GCIH, CRCMP, CISA, CGEIT, CRISC, CRMA, CORP, advanced degree)
- Previous exposure to IP, TCP/IP, and other network administration protocols preferred
- Previous exposure to Windows and Linux systems preferred