Lead Cloud Security Engineer

We are seeking a highly skilled and experienced Lead Cloud Security Engineer with a strong focus on CIEM (Cloud Infrastructure Entitlement Management) and Just-in-Time (JIT) access platforms. This role is ideal for a professional with 6-8 years of hands-on experience in cloud security, particularly across AWS, Azure, and Google Cloud Platform environments. If you are passionate about enforcing least privilege access, reducing risk exposure, and driving compliance through innovative security solutions, we'd love to hear from you.

This position offers remote setup with the flexibility to work from any location in Georgia, whether it's your home, well-equipped offices in Tbilisi and Batumi or a coworking space in Kutaisi.

RESPONSIBILITIES

• Design, implement, and manage CIEM and JIT access solutions to enhance cloud security posture
• Collaborate with cloud architects and security teams to enforce least privilege principles and streamline access management
• Conduct regular access reviews, entitlement analysis, and remediation efforts to ensure compliance with regulatory requirements
• Integrate CIEM/JIT platforms with existing security tools to provide comprehensive visibility and risk mitigation
• Develop and maintain automation scripts to optimize identity and access management processes
• Provide expert guidance on IAM policies, identity lifecycle management, and access automation strategies
• Communicate effectively with stakeholders to ensure alignment on security objectives and deliverables

REQUIREMENTS

• A minimum of 6 years of experience in cloud security, with at least 1 year in a leadership role
• Proven expertise in implementing and managing CIEM solutions (e.g., Microsoft Entra Permissions Management, Tenable) to enforce least-privilege access across multi-cloud environments
• Hands-on experience with Just-in-Time (JIT) access implementation for privileged roles to minimize standing access and mitigate risks
• Strong understanding of RBAC, ABAC, and IAM policies in AWS and Azure, with a focus on identity lifecycle management and access automation
• Experience integrating CIEM/JIT platforms with tools like Tenable to ensure continuous visibility into identity-related risks and misconfigurations
• Proficiency in conducting identity discovery, access reviews, entitlement mapping, and remediation workflows to support compliance with standards such as ISO, SOX, and GDPR
• Knowledge of scripting (e.g., Python, Boto3) to automate processes and enhance platform functionality
• English level of minimum B2 (Upper-Intermediate) for effective communication

WE OFFER

• We connect like-minded people
• Delivering innovative solutions to industry leaders, making a global impact
• Enjoyable working environment, whether it is the vibrant office or the comfort of your own home
• Opportunity to work abroad for up to two months per year
• Relocation opportunities within our offices in 55+ countries
• Corporate and social events
• We invest in your growth
• Leadership development, career advising, soft skills and well-being programs
• Certifications, including Google Cloud Platform, Azure and AWS
• Unlimited access to LinkedIn Learning and Get Abstract
• Free English classes with certified teachers
• We cover it all
• Participation in the Employee Stock Purchase Plan
• Monetary bonuses for engaging in the referral program
• Comprehensive medical & family care package
• Five trust days per year (sick leave without a medical certificate)
• Benefits package (sports activities, a variety of stores and services)