Cloud Security Engineer

The Cyber(/Cloud) Security Engineer is responsible for implementing and managing cloud security solutions to safeguard the company’s data and infrastructure. This role involves implementing security controls, responding to security threats, and assisting in the deployment of cloud-based security solutions. He/She will work closely with cross‑functional teams to ensure the security of cloud environments, including AWS, Azure, Kubernetes, and Docker.

• Monitor, investigate, and respond to security incidents and vulnerabilities.
• Support security monitoring and threat intelligence efforts.
• Assist in security investigations, root cause analysis, and remediation planning.
• Assist in deploying and maintaining security controls for cloud/hybrid environments (AWS, Azure, Kubernetes, Docker, etc.).
• Ensure security compliance with industry standards (e.g., NIST, ISO 27001, CCM).
• Support the development of cloud security policies and best practices.
• Assist in the deployment and integration of security tools such as Web Application Firewalls (WAF), Security Information and Event Management (SIEM), and Identity & Access Management (IAM) solutions.
• Work with DevOps and IT teams to implement security configurations in cloud environments.
• Work with vendors and support teams to resolve security issues.
• Participate in training and upskilling programs as needed.
• Participate in security automation and infrastructure-as-code (IaC) initiatives.
• Collaborate with internal teams to identify security gaps and propose solutions.
• Assist in documenting security policies, procedures, and incident reports.
• Keep up-to-date with emerging cloud security threats and trends.

• At least 3 years of working experience in Information Security, Cloud Security, or Security Engineering.
• At least 1 year of hands‑on experience with AWS or Azure security features and cloud security best practices.
• Proven experience with security technologies and processes, including Intrusion Detection Systems (IDS/IPS), endpoint security, and log management.
• Hands‑on experience with SIEM/Analytics tools (e.g., Microsoft Sentinel, Splunk, or Securonix), including policy configuration and fine‑tuning.
• Familiar with public and hybrid cloud security risks and mitigation strategies.
• Experience with Web Application Firewalls (WAF) and proxy security solutions is a plus.
• Knowledge of security monitoring, incident response, and vulnerability management.
• Understanding of TCP/IP, HTTP, SSL, DNS, and OWASP Top 10 security risks.
• Security certifications (e.g., CompTIA Security+, AWS Security Specialty, CEH) are preferred, though not mandatory.
• Strong problem‑solving and analytical skills to assess security threats and recommend solutions.
• Ability to work independently and collaboratively in a fast‑paced environment.
• Good communication skills, with the ability to explain security concepts to non‑technical stakeholders.