Job DescriptionBravoTech a Leader in IT Consulting is seeking a talented Information Security Cloud Engineer / Subject Matter Expert (SME) to lead the design, implementation, and operationalization of a comprehensive cloud security program.This consultant will establish cloud asset visibility, implement security controls, integrate continuous monitoring capabilities, and strengthen governance, risk, and compliance across enterprise cloud environments.Required Skills & Experience - 7+ years of Information Security, Cloud Security, or Security Engineering experience
- Strong expertise securing Azure, AWS, Google Cloud Platform, and/or Oracle Cloud Infrastructure (OCI)
- Experience with cloud security architecture, IAM, network segmentation, vulnerability management, logging, telemetry, and continuous monitoring
- Hands-on experience implementing cloud security baselines and remediation programs
- SIEM/SOC integration experience
- Experience securing Oracle environments including OCI, Oracle ERP/HCM, Oracle databases, and identity/access management
- Strong knowledge of NIST, CIS Controls, Zero Trust, risk management, and compliance frameworks
- Excellent communication, documentation, and stakeholder management skills
Preferred Certifications - CISSP
- CCSP
- CISM
- GIAC Cloud Security
- Azure Security Engineer
- AWS Security Specialty
- Equivalent cloud security certifications
Key Responsibilities - Assess cloud environments and security posture
- Establish enterprise cloud asset inventory and ownership mapping
- Develop and implement cloud security standards and hardening controls
- Integrate cloud environments into SOC and continuous monitoring platforms
- Define and report cloud security KPIs and risk metrics
- Support audit, compliance, and governance initiatives
- Create operational runbooks and provide knowledge transfer to internal teams
This role will establish enterprise-wide cloud asset visibility, implement standardized cloud security controls, and integrate continuous monitoring capabilities into the broader information security program. The consultant will serve as a hands-on technical leader focused on reducing cloud security risk, improving governance, strengthening compliance readiness, and enabling long-term operational sustainability.
The ideal candidate brings deep expertise across cloud security architecture, governance, monitoring, risk management, and Oracle-centric enterprise environments.
Job ResponsibilitiesCloud Security Assessment & Asset Visibility - Assess cloud environments, configurations, security posture, and billing structures, providing recommendations aligned to industry best practices
- Identify, document, and maintain a comprehensive inventory of cloud assets including:
- Accounts, subscriptions, and tenants
- Compute, storage, database, and networking resources
- Identity objects, service principals, and managed identities
- Security tooling integrations and logging sources
- Define asset ownership, business purpose, data classification, and production/non-production tiers
- Implement automated discovery and reconciliation processes where feasible
- Align inventory management practices with enterprise configuration management standards
Security Baseline & Cloud Hardening - Develop and implement cloud security baseline standards aligned with:
- Enterprise security policies
- Regulatory and compliance requirements
- Industry frameworks including NIST and CIS
- Establish and validate:
- Secure configuration standards
- Identity and access controls
- Logging, monitoring, and telemetry requirements
- Network segmentation and exposure controls
- Identify, prioritize, and remediate high-risk cloud misconfigurations
- Partner with Infrastructure, Engineering, Application, and Security teams to implement scalable and sustainable security controls
Continuous Monitoring & Detection - Integrate cloud environments with approved security monitoring and SOC platforms
- Enable continuous monitoring for:
- Configuration drift
- Unauthorized or insecure deployments
- Risky user and identity activity
- High-risk assets and sensitive workloads
- Establish centralized logging, alerting, escalation criteria, and detection use cases
- Tune monitoring capabilities to reduce noise while maintaining effective risk coverage
Governance, Risk & Compliance - Integrate cloud security findings into enterprise risk management and audit processes
- Define and report cloud security KPIs/KRIs including:
- Inventory accuracy and coverage
- Misconfiguration trends
- Remediation velocity
- Monitoring and detection effectiveness
- Produce documentation suitable for audit, regulatory, and executive review
- Support audits, tabletop exercises, and risk briefings as needed
Knowledge Transfer & Operational Sustainability - Develop operational runbooks, standards, and procedures for cloud inventory management, secure deployment practices, and monitoring escalation
- Provide knowledge transfer and mentoring to Information Security, SOC, IT, and Engineering teams
- Dedicate scheduled time weekly to enhance internal cloud security knowledge and operational maturity
- Ensure the cloud security program is scalable and sustainable beyond the engagement
Deliverables - Cloud asset inventory and ownership mapping
- Cloud environment security assessment
- Cloud security baseline standards and hardening documentation
- Risk-ranked remediation roadmap
- Monitoring architecture and SOC integration documentation
- Cloud security metrics and reporting framework
- Audit-ready documentation packages
- Operational runbooks and knowledge transfer materials
Success CriteriaThe engagement will be considered successful when:
- A complete and accurate cloud asset inventory is established and maintained
- Cloud security baselines are implemented and enforced
- Continuous monitoring is operational and integrated into security workflows
- Cloud security risks are measurable, reportable, and actionable at the executive level
- Internal teams are equipped to sustain cloud security operations after the engagement
Job Qualifications - 7+ years of experience in Information Security, Cloud Security, or Security Engineering roles
- Strong expertise securing enterprise cloud environments across Azure, AWS, Google Cloud Platform, and/or Oracle Cloud Infrastructure (OCI)
- Experience implementing cloud security controls including IAM, network segmentation, secure configuration standards, logging/telemetry, vulnerability management, and continuous monitoring
- Proven ability to establish cloud asset visibility, security baselines, remediation programs, and SOC/SIEM integrations
- Experience securing Oracle environments including OCI, Oracle ERP/HCM platforms, Oracle databases, and related identity/access controls
- Strong understanding of NIST, CIS, Zero Trust, risk management, and audit/compliance frameworks
- Ability to work cross-functionally with Infrastructure, Engineering, Security Operations, and Application teams
- Strong communication, documentation, and stakeholder management skills
- Hands-on technical expertise with the ability to balance strategic guidance and tactical execution
Preferred CertificationsCISSP, CCSP, CISM, GIAC Cloud Security, Azure Security Engineer, AWS Security Specialty, or equivalent cloud/security certifications preferred.
Candidates should reside in or near North Texas Or Durant, OK area OR within commuting distance from the following Texas cities: - Sherman, TX
- Denison, TX
- Tom Bean, TX
- Anna, TX
- Melissa, TX
- Frisco, TX
- McKinney, TX
- Gainesville, TX
- Howe, TX
Requirements: - Able to work Hybrid onsite 2 days a week.
- Must provide a valid Driver's License
- Ability to work a 6 month - 12 month contract via W2
#LI-AH1
Meet Your RecruiterAngela HardemonText me about this job - Please include your name and Job Title in your Text.Thanks! 
Never miss an opportunity! Create an alert based on the job you applied for.
