Cloud Security Engineer

Overview

On Site
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

IaC Security
Kusto Query Language
Azure Data Explorer

Job Details

Role: Cloud Security Engineer Location: Bellevue, WA (Onsite role)

The Cloud security SME is responsible for support cloud security initiatives by enhancing IaC security processes and fine-tuning native firewalls (e.g., AWS Security Groups, Azure NSGs, Google Cloud Platform Firewall Rules) to align with best practices and compliance requirements

Key Responsibilities:

IaC Security Scanning & Hardening:
Integrate IaC security scanning tools (e.g., Checkov, TFSec, Snyk IaC, Terraform Validator) into CI/CD pipelines.
Analyze and remediate findings from IaC scans (Terraform, CloudFormation, ARM templates).
Develop custom policies for IaC scanning tools based on organizational security standards.

Firewall Implementation & Tuning:
Design and implement native firewall rules across cloud platforms (AWS, Azure, Google Cloud Platform).
Perform rule optimization, consolidation, and risk-based tuning to reduce attack surfaces.
Conduct regular reviews and audits of firewall configurations and access controls.

Risk Management & Compliance:
Align firewall and IaC security policies with industry standards (NIST, CIS, ISO 27001).
Support internal and external audits by providing documentation and evidence of controls.

Requirements:
7+ years of experience in cloud security, network security, or DevSecOps.
Hands-on experience with Terraform, CloudFormation, or other IaC tools.
Deep understanding of cloud-native firewall services (AWS, Azure, Google Cloud Platform).
Proficiency in security tools: Checkov, Prisma Cloud, Aqua, Snyk, etc.
Certifications preferred: AWS/Azure/Google Cloud Platform Security Specialty, CISSP, CCSP, Terraform Associate.
Proficiency in Automation by using Powershell, Bash and Python, etc.
Hands on experience in network security, specifically managing and operating Azure Firewall.
Good knowledge of Azure networking concepts (VNets, Subnets, UDRs, Service Endpoints, Private Endpoints, Load Balancers)
High proficiency in Kusto Query Language (KQL) and practical experience using Azure Data Explorer (ADX) or Azure Log Analytics for network security analysis.
Advanced skills in Microsoft Excel for data manipulation, pivot tables, charting, and report generation from security log data.
Excellent analytical and deductive reasoning skills to troubleshoot and solve complex network issues.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Laiba Technologies LLC