The Opportunity: We are seeking a highly skilled Cloud Security Engineer to join our dynamic team. This is a crucial customer-facing role where you will be instrumental in designing, implementing, and securing complex cloud environments for our clients across Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS), with a strong emphasis on GCP. You will leverage your deep expertise in SaaS security, network security, and compliance to provide strategic guidance and hands-on support, ensuring our clients' cloud infrastructures are robust, resilient, and compliant with industry standards.What You'll Do:Cloud Security Operations: Design, implement, and optimize robust cloud security architectures to enhance, build, monitor and address all security alerts from our SIEM and other security systems. This is an operational role whereby you will be available M-F 8am-5pm EDT and on-call shifts on evenings and weekends.Perform penetration testing activities on Web Applications, Cloud Environments and Mobile Applications using black-box testing tools, in-depth penetration test (using shell scripts and manual testing) techniques, DAST & SAST tools. The candidate should be familiar with black box, gray box and white box testing techniques along with red teaming skillsUnderstand the application architectural components, business purpose of the application and code at high level. The resource will be responsible for assisting in architecting secure coding practices.Network Security Expertise: Your network security and cloud security expertise will be required to respond to customer questionnaires, customer calls and create artifacts including network diagrams, architecture diagram, data flow diagrams and other artifacts to support customer requests. Strong written skills will be required here and attention to detail.Firewall & WAF Management: Configure, manage, and troubleshoot cloud-native firewalls (e.g., GCP Cloud Firewall, Azure Firewall, AWS Security Groups/NACLs) and Web Application Firewalls (WAFs) to protect web applications from common vulnerabilities and attacks. The candidate will demonstrate past hands-on network experience in managing complex layer-4 to layer-7 rules.SIEM Integration & Optimization: As a Level-2 Security Operations support team member, you will review all security alerts and resolve these alerts in a timely manner. You will work with our current Security Operations team to expand on our current alerting and reporting capabilities to enhance visibility across our attack surface. Powershell or similar scripting skills will be required.SaaS Security Best Practices: Provide expert guidance on securing SaaS applications
