Cloud Security Engineer

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

We are seeking a highly skilled and experienced Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining Cloud Security Platform and security technologies to protect Qualys systems across various cloud environments as:

• Oracle Cloud Infrastructure (OCI)
• Amazon Web Services (AWS)
• Microsoft Azure
• Google Cloud Platform (GCP)
• Alibaba
• IBM

You would be responsible for cloud resource provisioning, IAM, policy creation, UAR, establishing cloud security monitoring, cloud security posture management along with designing and architecting the cloud environments as per security best practices and cloud security guidelines of various standards.You will work closely with cross-functional teams to ensure the effectiveness of security measures and help establish and enforce cloud security policies and procedures.

Security Architecture Review: Review and assess the security architecture of cloud-based systems and applications to identify gaps and recommend improvements in alignment with industry best practices and regulatory requirements.

Cloud Compliance Management: Ensure cloud environments adhere to relevant compliance standards and regulations by implementing appropriate security controls, conducting compliance assessments, and generating compliance reports.

Cloud Security Governance: Establish and maintain cloud security governance frameworks, policies, and procedures to ensure consistent and effective management of security risks across cloud environments.

Incident Response: Actively participate in incident response activities related to cloud security incidents, including investigation, containment, eradication, and recovery.

Cloud Security Tooling: Evaluate, select, deploy, and manage security tools and technologies specifically designed for cloud environments, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud-native security services. Tools like Prisma Cloud, Orca Security, etc. 

Cloud Security Automation: Develop and implement automation scripts and workflows to streamline security operations tasks, such as configuration management, vulnerability scanning, and incident response orchestration.

Cloud Risk Assessment: Conduct risk assessments of cloud services, configurations, and deployments to identify and prioritize security risks, and collaborate with relevant teams to mitigate identified risks.

Cloud Security Research and Innovation: Stay abreast of emerging threats, vulnerabilities, and security trends in cloud computing, and actively engage in research and innovation to enhance the organization's cloud security posture.

• Understanding of cloud platforms like AWS, Azure, Google Cloud, OCI etc., including their services and architecture.
• Skills in designing secure cloud architectures, including network segmentation, data encryption, and disaster recovery strategies.
• Proficiency in managing user identities, permissions, roles, and access controls within cloud environments.
• Ability to set up monitoring tools, analyze security logs, and respond to security incidents promptly.
• Familiarity with cloud-native security services and tools provided by cloud providers (e.g., AWS Security Hub, Azure Security Center).
• Ability to assess security risks, prioritize them based on impact and likelihood, and develop strategies to mitigate them.
• Knowledge of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other network security concepts.
• Familiarity with encryption algorithms, SSL/TLS protocols, and cryptographic key management for data protection.
• Experience with vulnerability scanning tools, penetration testing methodologies, and patch management processes.
• Knowledge of scripting languages (e.g., Python, PowerShell) and automation tools (e.g., Terraform, Ansible) to automate security tasks and configurations.

• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CCSK, CCSP and cloud native certifications like AWS, Azure, OCI, GCP are highly desirable.
• Proven track record of designing and implementing complex cloud environments preferably in a cloud security engineer role.
• Experience implementing security controls in cloud environments using tools such as AWS Security Hub, AWS GuardDuty, AWS IAM Analyzer, Azure Security Center, or Azure Defender or Google Cloud Security Command Center or Oracle Cloud Guard.
• Knowledge of industry-standard security frameworks and regulations (e.g., NIST, CIS, GDPR, HIPAA).
• In-depth knowledge of cloud components, IAM, and best practices, including user provisioning, access/policy management, authentication mechanisms
• Familiarity with CSP environments like OCI, AWS, Azure, GCP etc
• Experience with cloud governance processes, cloud security implementation, cloud security monitoring etc.
• Strong problem-solving and analytical skills, with the ability to assess complex cloud requirements, identify gaps, and propose effective solutions.
• Excellent communication and collaboration skills to work effectively with cross-functional teams, stakeholders, and external vendors.
• Strong project management skills to drive cloud initiatives, manage timelines, and deliver successful outcomes.