Contractor Senior Cloud Infrastructure Security Engineer
A2C Consulting is hiring a remote Contractor Senior Cloud Infrastructure Security Engineer. The career level for this job opening is Expert and is accepting USA based applicants remotely. Read complete job description before applying.
A2C Consulting
Job Title
Posted
Career Level
Career Level
Locations Accepted
Share
Job Details
This role is critical in supporting the CISO's efforts to secure the organization's cloud, on-premises, and DevOps environments. You will work closely with engineering, IT, and security teams to design, implement, and maintain robust security measures across the technology stack while driving security automation and best practices in a DevSecOps framework.
Key Responsibilities
- Cloud Security Engineering:
- Design and implement security controls for cloud platforms (Azure).
- Conduct cloud architecture reviews and identify security risks in Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) environments.
- Monitor and respond to cloud-specific security alerts using Cloud Security Posture Management (CSPM) tools.
Infrastructure Security:
- Implement security hardening measures for servers, storage, and network infrastructure.
- Manage identity and access management (IAM), ensuring least privilege principles are enforced across cloud and on-premises systems.
- Oversee encryption, key management, and secure configuration for infrastructure services.
DevSecOps Integration:
- Embed security into CI/CD pipelines, including static code analysis (SAST), dynamic application testing (DAST), and secret scanning.
- Automate security testing and compliance checks within DevOps workflows.
- Advocate for secure coding practices and mentor development teams on secure DevOps practices.
Incident Response and Threat Management:
- Lead the investigation and resolution of security incidents within cloud and DevOps environments.
- Develop and maintain playbooks for cloud and infrastructure-specific incidents.
- Perform threat modeling and provide proactive measures to mitigate risks.
Compliance and Governance:
- Ensure cloud and infrastructure environments comply with industry standards (e.g., CIS, NIST, ISO 27001) and regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
- Collaborate with the CISO to develop security policies, procedures, and best practices.
- Conduct periodic audits and risk assessments.
Collaboration and Training:
- Work closely with IT, DevOps, and engineering teams to align security goals with business objectives.
- Provide training and guidance to teams on cloud and DevOps security principles.
- Stay informed about emerging cloud and DevOps security trends, threats, and technologies.
Qualifications
- Bachelor s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience).
- Relevant certifications such as AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer, CISSP, CISM, or DevSecOps certifications are highly preferred.
Experience:
- 7+ years of experience in cloud security, infrastructure security, and DevOps environments.
- Hands-on experience with multiple cloud platforms (AWS, Azure, Google Cloud Platform) and hybrid infrastructure environments.
- Demonstrated expertise in securing CI/CD pipelines and implementing DevSecOps practices.
Technical Skills:
- Strong understanding of container security (Docker, Kubernetes) and orchestration platforms.
- Proficiency in automation tools (Terraform, Ansible, Jenkins) and scripting languages (Python, Bash).
- Knowledge of network security, firewalls, WAFs, and microsegmentation.
- Excellent problem-solving and analytical abilities.
- Strong communication skills to convey technical details to both technical and non-technical stakeholders.
- Ability to work independently and lead security initiatives.