This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This role offers an opportunity to safeguard and optimize cloud environments for a diverse set of clients, with a focus on Google Cloud Platform, Microsoft Azure, and AWS. As a Cloud Security Engineer, you will:

• Design and implement robust security architectures
• Perform manual penetration testing on web and mobile applications
• Provide strategic guidance on SaaS and network security
• Work directly with clients to ensure compliance with industry standards and frameworks
• Respond to complex security incidents with effective remediation strategies
• Contribute to building repeatable security processes
• Automate security monitoring
• Provide mentorship to team members

This is a hands-on, client-facing role that combines operational security, risk management, and proactive threat mitigation. The position requires a detail-oriented professional with strong communication skills and a passion for staying ahead of emerging cloud security threats.

Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Risk Management, Statistics, or related field
• 10+ years in web application penetration testing and cybersecurity, with at least 4+ years focused on cloud security engineering
• Hands-on experience with Google Cloud Platform, Microsoft Azure, and AWS security services
• Deep knowledge of cloud security operations, network security, firewalls, WAFs, and SIEM platforms
• Strong scripting skills (Python, PowerShell, Bash) and practical experience with automation and cloud security tools
• CISSP required; additional certifications such as GWAPT, OSCP, CISM, or cloud provider security certifications highly desirable
• Familiarity with compliance frameworks, secure coding practices, and OWASP Top 10 vulnerabilities
• Strong organizational, project management, and communication skills with the ability to work in client-facing, fast-paced environments
• Bonus: experience with Infrastructure as Code (Terraform, CloudFormation), container security, and DevSecOps practices

Requirements

• Perform manual penetration testing on web and mobile applications using black-box, gray-box, and white-box testing techniques, along with DAST and SAST tools
• Design, implement, and optimize cloud security architectures and respond to security alerts across multi-cloud environments
• Configure and manage cloud-native firewalls and Web Application Firewalls (WAFs) to secure applications from common vulnerabilities
• Integrate and optimize SIEM platforms, including log ingestion, custom alert creation, and dashboarding for enhanced visibility
• Provide guidance on SaaS security best practices, including IAM, API security, encryption, and secure configurations
• Lead compliance and governance initiatives to meet frameworks such as GDPR, SOC 2, ISO 27001, CMMC, and CSA STAR
• Act as a trusted advisor to clients, delivering technical presentations, workshops, and security assessments
• Support incident response activities, vulnerability management, and remediation of security findings across cloud environments

Benefits

• Competitive base salary with performance-based incentives
• Comprehensive health, dental, and vision coverage
• Employer-paid life and disability insurance
• Fully paid parental leave program
• 401(k) plan with employer contributions
• Generous PTO, paid holidays, and flexible work schedules
• Remote-friendly and casual work environment with “quiet Fridays”
• Professional development opportunities and supportive, collaborative culture