Cloud Security Consultant

Get AI-powered advice on this job and more exclusive features.

This range is provided by Blue Mantis. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

$130,000.00/yr - $185,000.00/yr

Please Read Before Quick Applying: This is not a Blue Team Role - This role requires actual experience doing full cloud security assessments and emulating attacks on external clients’ cloud Azure & AWS instances. You must have experience writing detailed reports with screenshots of findings and recommendations for security improvements using tools like Defender, Sentinel, Tenable, WIZ, or Qualys. These reports are delivered to external clients, such as Ford, American Express, Chevron, etc., not internal business units. If you have this experience, please review the Key Responsibilities below, especially the first six bullet points, as they outline the exact experience required. If applicable, please apply to discuss further.

Are you ready to elevate your cybersecurity career with the flexibility of remote work?

We seek an experienced Cloud Security Consultant focused on Microsoft Azure, Microsoft 365 (M365), Entra ID, Sentinel, and Defender. Extensive knowledge of Microsoft Security solutions, cloud security architecture, risk management, incident response, and industry certifications are essential. Experience with AWS security, assessing, remediating, and consulting on cloud security, along with understanding cloud misconfigurations, is also required.

You will work with clients to assess their cloud security, recommend improvements, and ensure compliance. Your expertise in Azure, M365, Entra ID, AWS, and Microsoft security tools will enable you to provide comprehensive security guidance to protect data, prevent unauthorized access, and optimize cloud operations. If you’re driven to innovate in cybersecurity and seek a role beyond the ordinary, join us at Blue Mantis.

Key Responsibilities

• Advanced Cloud Security Assessment: Conduct detailed security evaluations of Azure, M365, Entra ID, and AWS, identifying risks, misconfigurations, and weaknesses, and recommending mitigations.
• Cloud Architecture Design: Create and implement secure cloud architectures tailored to client needs, integrating security controls for data protection and resilience.
• Vulnerability Management: Detect and remediate vulnerabilities in IAM, MFA, endpoint security, and data protection, using manual and automated techniques.
• Data and DLP Strategies: Assess, design, and implement data classification and DLP policies across Microsoft, AWS, and on-premises environments to safeguard sensitive data.
• Threat Simulation: Develop and execute cloud-focused threat simulations to evaluate defenses against cyberattacks, utilizing security tools and OSINT techniques.
• Security Reporting: Prepare comprehensive reports on vulnerabilities, exploitation methods, and remediation strategies, clearly communicating risks to clients.
• Technical Communication: Translate complex security findings into actionable insights and documentation for clients.
• Remediation Support: Guide clients in implementing security best practices, identity management, access controls, and DLP strategies.
• Continuous Learning: Stay current on certifications, emerging threats, and best practices, especially in Zero Trust architecture, to provide cutting-edge advice.

Skills, Knowledge & Expertise

• 3-5 years in cloud security, with focus on Microsoft Azure, M365, and AWS security.
• Deep knowledge of Entra ID, Azure AD, Defender, Sentinel, and DLP strategies.
• Strong understanding of AWS security services like IAM, Security Hub, GuardDuty, VPC security.
• Experience in assessments, risk analysis, and remediation in cloud environments.
• Relevant certifications such as AZ-500, MS-500, SC-100, SC-200, SC-400, CISSP, CCSP are a plus.
• Bachelor’s degree in Computer Science, Information Security, or related field.
• Uphold ethical standards, confidentiality, and integrity in all engagements.

Additional Notes

Blue Mantis does not accept unsolicited resumes and requests that resumes not be forwarded to employees or locations. We are not responsible for fees related to unsolicited resumes or outreach to employees.