Key skills
PythonBashPowerShellAWSAzureGCPGoogle CloudKubernetesSaaSCI/CDCollaborationOWASPCloud Security
About this role
Calance is seeking a Cloud Security Engineer responsible for implementing, operating, and improving cloud security capabilities across the organization’s cloud and SaaS environments. The role focuses on enhancing visibility, posture management, and threat detection within cloud infrastructure and applications while collaborating with various teams to ensure secure deployments.
Responsibilities:
- Cloud Security Posture Management
- Support the implementation and operation of cloud security posture management (CSPM) and cloud-native application protection platform (CNAPP) technologies
- Monitor and analyze security findings from platforms such as Wiz Code and Wiz Defend to identify misconfigurations, vulnerabilities, and exposure risks
- Work with engineering and infrastructure teams to remediate cloud security findings and reduce risk across cloud environments
- Develop and maintain security baselines for cloud services and infrastructure
- SaaS Security Posture Management
- Support the implementation and management of SaaS security posture management (SSPM) capabilities using platforms such as CrowdStrike Falcon Shield
- Identify and remediate risky SaaS configurations, permission issues, and data exposure risks
- Collaborate with application owners to enforce SaaS security standards and improve identity and access controls
- Cloud Threat Detection & Investigation
- Assist with the investigation of suspicious activity within cloud environments using telemetry from security platforms and logging systems
- Support detection engineering by helping refine alerts and security policies within cloud security tools
- Work closely with Security Operations to triage and investigate cloud-related security events
- Secure Development & DevSecOps Integration
- Integrate security tooling into development workflows and CI/CD pipelines where appropriate
- Support development teams in identifying and addressing security risks in cloud-native applications
- Assist with scanning infrastructure-as-code and application dependencies for security issues using platforms such as Wiz Code
- Security Automation & Engineering
- Develop scripts or automation to improve cloud security visibility, reporting, and remediation workflows
- Assist with integration of cloud security tools into existing monitoring and ticketing systems
- Support the development of dashboards and reporting that communicate cloud security risk and remediation progress
- Cross-Team Collaboration
- Work with cloud platform teams to improve secure deployment practices and infrastructure configurations
- Support security architecture initiatives related to cloud adoption and modernization
- Participate in security design reviews for new cloud applications or services
Requirements:
- Bachelor's degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience)
- 2-5 years of experience in cloud security, security engineering, or cloud infrastructure roles
- Hands-on experience with cloud environments such as AWS
- Hands-on experience with cloud environments such as Microsoft Azure
- Hands-on experience with cloud environments such as Google Cloud Platform (GCP)
- Experience working with cloud security platforms such as Wiz (Code / Defend)
- Experience working with cloud security platforms such as CrowdStrike Falcon Shield or other SSPM tools
- Experience working with CSPM, CNAPP, or workload protection platforms
- Understanding of cloud identity and access management
- Understanding of infrastructure-as-code security
- Understanding of cloud networking and segmentation
- Understanding of container and Kubernetes security concepts
- Familiarity with scripting or automation languages such as Python
- Familiarity with scripting or automation languages such as Bash
- Familiarity with scripting or automation languages such as PowerShell
- Working knowledge of security frameworks and best practices such as NIST CSF, CIS Benchmarks, and OWASP
- Experience securing large-scale multi-cloud environments
- Experience integrating security tooling into DevOps or CI/CD pipelines
- Familiarity with container security platforms and Kubernetes environments
- Experience supporting SaaS security initiatives and identity governance programs
- Relevant certifications such as Certified Cloud Security Professional (CCSP)
- Relevant certifications such as AWS Security Specialty
- Relevant certifications such as CISSP