Senior Cloud Security Engineer

Position Summary

The Senior Cloud Security Engineer will lead the deployment, integration, and operationalization of Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) across a multi-cloud environment. This role requires deep technical expertise in cloud security engineering, strong interpersonal skills, and a proactive mindset to ensure enterprise-wide visibility and security of cloud-based technologies and services.

This is a hands-on individual contributor role focused on designing, implementing, and continuously improving cloud security controls aligned with industry best practices and regulatory standards.

Primary Responsibilities

• Design, implement, maintain, and enhance CSPM and CWPP solutions across AWS, Azure, and Google Cloud Platform.
• Deploy and manage Palo Alto Networks security solutions, including Prisma Cloud, cloud firewalls, and threat prevention capabilities.
• Architect and enforce security controls to protect cloud infrastructure, workloads, and sensitive data.
• Perform regular security assessments, risk analysis, and audits to ensure compliance with FedRAMP, NIST, and other regulatory frameworks.
• Collaborate with cross-functional teams (Cloud Engineering, DevOps, Architecture, Compliance) to define security requirements and deliver secure cloud solutions.
• Develop, maintain, and update cloud security documentation, including policies, standards, procedures, and runbooks.
• Monitor emerging cloud security threats, vulnerabilities, and technologies; recommend and implement continuous improvements.
• Provide mentorship and technical guidance to junior security engineers and project team members.

Required Qualifications

• 3 4+ years of experience in Cloud Security Engineering, with 2+ years in a senior or lead capacity.
• 2+ years of hands-on experience working in AWS, Azure, or Google Cloud Platform within an enterprise environment.
• Experience with Palo Alto Networks technologies, including Prisma Cloud, cloud firewalls, and threat detection tools.
• 2+ years of experience in scripting and automation for cloud deployments using Python, Terraform, CloudFormation, or similar tools.
• 2+ years of experience securing containerized environments using Docker, Kubernetes, and related orchestration platforms.
• 3+ years of experience working across multiple operating systems (Linux, Windows, Ubuntu, etc.).

Preferred Qualifications

• Strong experience with DevSecOps practices and embedding security into CI/CD pipelines.
• Knowledge of advanced cloud threat detection, incident response, and remediation techniques.
• In-depth familiarity with FedRAMP and NIST security frameworks and compliance requirements.
• Solid understanding of core security principles, including Networking, Encryption, IAM, and Zero Trust.
• Excellent written and verbal communication skills with the ability to collaborate effectively across teams.
• Proven analytical and problem-solving skills with the ability to address complex security challenges.
• Security certifications such as CISSP, CCSP, Palo Alto (PCNSE/Prisma Cloud), or equivalent are highly preferred.