Position Overview
We are seeking a Cloud Security Specialist to design, implement, and manage comprehensive cloud security programs across multi-cloud environments, focusing on cloud-native security tools, container security, Infrastructure as Code (IaC) security, and Cloud Security Posture Management (CSPM) to protect cloud workloads and data.
Key Responsibilities
Cloud-Native Security Implementation
- Deploy and configure cloud security services (AWS Security Hub, Azure Security Center, Google Cloud Security Command Center)
- Implement identity and access management (IAM) policies and zero-trust architectures across cloud platforms
- Configure cloud-native monitoring and logging solutions (CloudTrail, Azure Monitor, Google Cloud Logging)
- Manage encryption strategies for data at rest and in transit using cloud-native key management services
- Implement network security controls including VPCs, security groups, and cloud firewalls
Container & Kubernetes Security
- Secure containerized environments using Docker security best practices and image scanning tools
- Implement Kubernetes security policies, network policies, and Pod Security Standards
- Deploy container security platforms (Twistlock, Aqua Security, Sysdig) for runtime protection
- Configure admission controllers, service mesh security, and secrets management in Kubernetes
- Conduct container vulnerability assessments and implement secure container registry management
Infrastructure as Code Security
- Implement security scanning for IaC templates (Terraform, CloudFormation, ARM templates)
- Develop secure IaC policies and compliance checks using tools like Checkov, Terrascan, and Snyk
- Configure automated security testing in CI/CD pipelines for infrastructure deployments
- Establish IaC governance frameworks and security baseline configurations
- Implement drift detection and compliance monitoring for deployed infrastructure
Cloud Security Posture Management
- Deploy and manage CSPM solutions (Prisma Cloud, CloudGuard, Microsoft Defender for Cloud)
- Configure continuous compliance monitoring and automated remediation workflows
- Conduct cloud security assessments and risk analysis across multi-cloud environments
- Implement security benchmarks (CIS, NIST) and regulatory compliance frameworks
- Generate security posture reports and metrics for executive leadership
Required Qualifications
Technical Skills
- 6+ years experience in cloud security across AWS, Azure, or Google Cloud Platform
- Expert knowledge of container security, Docker hardening, and Kubernetes security architecture
- Strong experience with IaC security tools and secure infrastructure deployment practices
- Proficiency with CSPM platforms and cloud security monitoring solutions
- Understanding of DevSecOps practices and security integration in CI/CD pipelines
- Knowledge of cloud networking, encryption, and identity management principles
Security Skills
- Experience with threat modeling for cloud architectures and container environments
- Strong understanding of cloud compliance frameworks (SOC 2, ISO 27001, FedRAMP)
- Knowledge of security automation and infrastructure security orchestration
- Experience with penetration testing and vulnerability assessment in cloud environments
Preferred Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, or related field
- Cloud security certifications (AWS Security Specialty, Azure Security Engineer, Google Cloud Security Engineer)
- Container security certifications (CKS - Certified Kubernetes Security Specialist)
- Experience with service mesh security (Istio, Linkerd) and microservices security patterns
- Background in cloud architecture and multi-cloud security strategy
