Cloud Security Engineer - CSPM Migration (Orca)

Title: Cloud Security Engineer - CSPM Migration Team Member (Orca)

Location: Remote; CST Time-Zone

Compensation: $55 - $65/hr

Our client is decommissioning a legacy Cloud Security Posture Management (CSPM) platform and migrating to Orca Security across a multi-cloud estate (? 80% AWS / 15% Azure / small Google Cloud Platform footprint). Reporting to the Migration Lead, you will join a cross-functional squad to translate existing rules and policies into Orca, stand up and fine-tune scans, and integrate findings into the client's vulnerability-management workflow. This is a contributing engineer role-not a team-lead position.

Responsibilities

• Inventory legacy CSPM rulesets and recreate or optimize them in Orca.


• Generate posture queries and compliance policies aligned to CIS, NIST, ISO, and client-specific standards.


• Assist the team in onboarding cloud accounts, configuring scanning schedules, and tuning alert pipelines.


• Validate rule accuracy and coverage; troubleshoot false positives/negatives alongside senior engineers.


• Correlate Orca findings with existing tools (Tenable, Rapid7, Prisma, Wiz, etc.).


• Tag, triage, and prioritize issues for remediation based on risk and business impact.


• Pair with IaC, DevOps, and platform engineers to embed Orca posture checks in CI/CD workflows.


• Contribute to runbooks, quick-start guides, and end-user training sessions.


• Surface opportunities to streamline rulesets, reduce noise, and improve detection fidelity.


• Provide feedback on migration playbooks to accelerate future rollouts.

Skills Required

• 3-5 years in cloud security engineering, DevSecOps, or vulnerability management.


• Hands-on with at least one major cloud platform (AWS, Azure, or Google Cloud Platform).


• Practical experience with CSPM or vulnerability-scanning tools-ideally Orca; Prisma Cloud, Wiz, Lacework, Tenable, or Rapid7 acceptable.


• Proven ability to write / adapt CSPM rules, queries, and compliance policies (CIS, NIST, ISO, or custom).


• Working knowledge of IAM principles and least-privilege design.


• Light scripting (Python, Bash, PowerShell) for automation is a plus but not the primary focus.


• Familiarity with Infrastructure as Code (Terraform, CloudFormation, ARM).

Education & Work Experience

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a closely related field.


• Preferred certifications (any of the following boosts candidacy):


• Cloud security: AWS Certified Security - Specialty, Azure Security Engineer (AZ-500), Google Cloud Professional Cloud Security Engineer


• Industry: CISSP, CCSP, or GIAC (GSECSA)


• Tool-specific: Orca Security Practitioner, Prisma Cloud, Wiz, or Lacework certifications


• Continuing education inDevSecOps,IaC, or vulnerability-management tooling is valued and should be highlighted.
  

  Nice-to-Have / Differentiators

  
  
  
  
  • Direct Orca Security deployment experience (highly preferred).
  
  
  • Past use of configuration-management tools (Ansible, Puppet, Chef).
  
  
  • Exposure to CASB solutions or cloud access governance.
  
  
  
  

About Korn Ferry

Korn Ferry unleashes potential in people, teams, and organizations. We work with our clients to design optimal organization structures, roles, and responsibilities. We help them hire the right people and advise them on how to reward and motivate their workforce while developing professionals as they navigate and advance their careers. To learn more, please visit Korn Ferry at ;/span>