Senior Cloud Security Platform Engineer - V

Job Title: Senior Cloud Security Platform Engineer - V

Summary

We are seeking a Senior Cloud Security Platform Engineer to design, automate, and secure enterprise-scale cloud infrastructure. This role embeds security by design into every layer of platform engineering, ensuring workloads are compliant, resilient, and scalable.

You will collaborate with development, DevOps, and security teams to deliver secure cloud environments through Infrastructure as Code (IaC), automation, and proactive monitoring. The ideal candidate brings deep expertise in cloud security, hands-on coding/automation experience, and the ability to drive a shift-left security culture.

________________________________________

Key Responsibilities

Security-Focused Responsibilities

• Enforce organizational security guardrails using SCPs, AWS Config, and Control Tower

• Automate compliance and governance through IaC templates (Terraform, CloudFormation, AWS CDK)

• Proactively monitor cloud environments for drift, misconfigurations, and security violations

• Develop remediation automations (e.g., Lambda functions triggered by Config rules)

• Drive a shift-left culture by integrating security into CI/CD pipelines

• Support application and platform teams with troubleshooting while ensuring compliance

• Continuously evaluate and improve cloud security posture

Platform & Collaboration Responsibilities

• Build and manage integrations across security and platform tools (AWS, Kong, Dynatrace, Artifactory, Harness)

• Partner with DevOps, application, and security teams to align solutions and roadmaps

• Contribute to security awareness initiatives (documentation, training, workshops)

________________________________________

Role Enhancements & Security Leadership

• Conduct Threat Modeling for Cloud Architectures to proactively identify risks in new designs

• Implement Security Chaos Engineering practices (e.g., simulating IAM policy misconfigurations)

• Establish Guardrail Playbooks – reusable blueprints for developers and DevOps teams

• Integrate CSPM tools (Prisma Cloud, Wiz, Checkov) into CI/CD pipelines for pre-deployment scanning

• Define and track security KPIs, including:

o % of compliant resources

o Mean Time to Remediate (MTTR)

o % automated vs. manual remediations

________________________________________

Minimum Qualifications

• Education:

o Bachelor’s degree in Computer Science, Engineering, or related field (Required)

o Master’s degree in Cloud Security, Information Security, or related discipline (Preferred)

• Experience:

o 8+ years in Cloud Engineering / DevOps

o 3+ years focused on cloud security automation

• Certifications (Required/Preferred):

o AWS Certified Solutions Architect

o AWS Certified Security – Specialty

o AWS DevOps Engineer – Professional

o HashiCorp Terraform Associate

________________________________________

Technical Skills

• Cloud Security: IAM, KMS, encryption, VPC security, logging & monitoring

• AWS Security Controls: SCPs, AWS Config, Control Tower guardrails, AWS Organizations

• IaC Expertise: Terraform, CloudFormation, AWS CDK

• Automation & Scripting: Python, Go, Bash/PowerShell, JavaScript (Lambda automation)

• Patch Management: AWS Systems Manager (SSM), automation documents, compliance dashboards

• CI/CD & Tooling: GitHub Actions, Harness, Artifactory, Dynatrace, CloudWatch

• Containers & Workloads Security: Docker, Kubernetes (EKS), AWS Lambda

• Incident Response: Troubleshooting, RCA, post-mortems in cloud environments

• API Security & Service Mesh: Kong, Apigee, Istio, Consul

• Soft Skills: Collaboration, documentation, mentoring, cross-team alignment

________________________________________

Preferred Skills

• Experience with multi-region/distributed systems for high availability

• Proven experience mentoring and guiding junior engineers

• Hands-on with monitoring/logging pipelines (ELK, Datadog, Prometheus/Grafana)

• Strong incident management expertise in production environments

• Experience in pipeline optimization for .NET, Java, and Serverless stacks

• Knowledge of data visualization tools (QuickSight, Power BI)

• Passion for continuous learning and cloud security innovation

________________________________________