Baker DonelsonRemote
Security Engineer- Cloud & AppSec - Remote
United States of America
Full Time
1 hour ago
$120,000 - $150,000 USD
No H1B
Key skills
JavaScriptTypeScriptC#CSQLAzureIAMCI/CDStrategic PlanningCommunicationCloud Security
About this role
Baker Donelson is seeking a Security Engineer focused on Cloud and Application Security to join their Security team. This role involves collaborating with IT and Development teams to establish application security standards and monitor cloud security posture. The ideal candidate will have a deep understanding of cloud infrastructure and security best practices.
Responsibilities:
- Collaborate with IT, DevOps, and Business Development teams to establish and maintain application security standards, secure development lifecycles, and baseline security requirements
- Monitor cloud environments for security posture and recommend improvements
- Conduct security assessments and reviews of cloud architecture and application configurations to identify risks and recommend solutions
- Define and document security requirements for application deployments, CI/CD pipelines, and infrastructure-as-code templates
- Advise on secure design principles and help teams interpret security requirements within software delivery workflows
- Stay current with cloud security trends, vulnerabilities, and best practices and translate them into actionable guidance
- Support incident response investigations and remediation planning related to cloud and application security
- Participate in and contribute to strategic planning initiatives
- Contribute to security operations functions
Requirements:
- 5+ years of experience in cloud security, application security, or cybersecurity engineering
- Deep knowledge of cloud platforms and cloud security technologies
- Working knowledge of common programming languages (e.g., C#, JavaScript/TypeScript, SQL) sufficient to review security‑relevant application logic and identify typical implementation weaknesses
- Hands‑on experience with DevSecOps tooling including SAST, SCA, or DAST solutions to enable lightweight security validation within CI/CD pipelines
- Familiarity with Azure application security capabilities, such as enforcing HTTPS‑only configurations, leveraging private endpoints, and applying identity‑based access patterns to support secure deployment practices
- Experience collaborating with developers and infrastructure engineers
- Familiarity with threat modeling, risk assessment methodologies, and security controls
- Excellent communication skills and ability to explain security concepts to technical and non-technical audiences
- Security certifications (e.g., CISSP, CCSP, CSSLP, CKS)
- Knowledge of compliance frameworks (e.g., SOC 2, ISO 27001)
- Familiarity with cloud monitoring and security tooling (CSPM, SIEM, IAM tools, etc.)