Key skills
PythonBashPowerShellAWSAzureGCPTerraformKubernetesDockerCloudFormationIAMSaaSRisk ManagementCloud SecurityFirewall
About this role
Appspace is dedicated to enhancing workplace experiences and is looking for a Cloud Security Engineer to join their team. In this pivotal role, you will design and implement secure cloud configurations while providing strategic guidance on cloud security best practices across various platforms, particularly GCP, Azure, and AWS.
Responsibilities:
- Design, implement, and optimize robust cloud security architectures to enhance, build, monitor and address all security alerts from our SIEM and other security systems
- Respond to customer questionnaires, customer calls and create artifacts including network diagrams, architecture diagram, data flow diagrams and other artifacts to support customer requests
- Review all security alerts and resolve these alerts in a timely manner
- Work with our current Security Operations team to expand on our current alerting and reporting capabilities to enhance visibility across our attack surface
- Provide expert guidance on securing SaaS applications, including identity and access management (IAM), data encryption, API security, and secure configuration baselines
- Lead and manage all firewall reviews, access reviews, system reviews and risk assessments
- Lead and contribute to compliance initiatives, ensuring cloud environments adhere to industry regulations and frameworks such as GDPR, SOC 2, ISO 27001, CMMC and CSA STAR
- Conduct security assessments and gap analyses
- Act as a trusted advisor to clients, effectively communicating complex technical security concepts to both technical and non-technical stakeholders
- Deliver engaging presentations, attend client workshops, and build strong client relationships
- Support incident response activities by providing expert analysis and remediation strategies for cloud security incidents
- Lead Incident Response Plan initiatives and create documentation for all parties to follow specific plans
- Continuously research and evaluate emerging cloud security threats, technologies, and best practices
Requirements:
- Bachelor's Degree in Computer Science, Risk Management, Cyber Security, or related field
- 7-10 years progressive cloud security experience
- 4+ years of experience securing, configuring and supporting cloud environments (Azure and GCP)
- 4+ years of experience supporting a security operations center, managing security alerts, configuring SIEMs and, creating custom alerts using PowerShell, Python or Bash scripts
- Security Certifications: CISSP is required
- Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation, ARM templates) for security automation
- Scripting skills (e.g., Python, PowerShell, Bash)
- Experience with container security (Docker, Kubernetes)
- Knowledge of DevSecOps principles and practices