Application & Cloud Security Engineer (Full-Stack)

Eclaro's client is seeking a highly skilled Application & Cloud Security Engineer with full stack expertise to join their dynamic IT and security team. This fully onsite role in Alameda, CA, will focus on securing our applications, cloud infrastructure, and development pipelines while supporting our mission to deliver transformative therapies.

**NO 3RD PARTIES UNABLE TO SUBCONTRACT - THIS IS A 6 MONTH RIGHT TO HIRE OPPORTUNITY

Key Responsibilities:

• Collaboration & Communication: Collaboration with development teams and the ability to communicate complex security concepts to non-technical stakeholders
• Cloud security: Design, implement, and maintain security measures across applications, cloud environments, and full stack systems.
• Security testing and vulnerability management: Conduct security assessments, threat modeling, and vulnerability management for applications and cloud infrastructure. Exposure to Pen Testing, Fuzz Testing
• DevSecOps: Collaborate with development teams to integrate security best practices throughout the software development lifecycle (SDLC). Exposure and/or experience with Automated Security Testing, Integrating Security into CI/CD Pipelines, or implementing IaC security best practices.
• Monitor, detect, and respond to security incidents in cloud and application environments.
• Compliance and regulatory requirements: Ensure compliance with industry standards and regulatory requirements, including HIPAA, GDPR, and biotech-specific guidelines. Exposure to various Security Frameworks NIST, OWASP Top 10 etc.
• Develop and maintain security documentation, policies, and procedures.
• Provide guidance and mentorship to engineering teams on secure coding practices and cloud architecture security.
• Support DevSecOps initiatives to automate security into CI/CD pipelines.

Additional Experience:

• Experience with containerization (e.g., Docker) and orchestration (e.g., Kubernetes)

• Familiarity with security information and event management (SIEM) systems
• Knowledge of identity and access management (IAM) systems
• Experience with agile development methodologies and version control systems (e.g., Git)

Qualifications:

• Bachelor s degree in Computer Science, Information Security, or related field (or equivalent experience).
• Demonstrated experience in application and cloud security with hands-on full stack expertise.
• Deep understanding of cloud platforms (AWS, Azure, or Google Cloud Platform) and associated security practices.
• Experience with secure software development, including web and API security, containers, and microservices.
• Knowledge of security frameworks, tools, and protocols (OWASP, SAST/DAST, IAM, encryption, SIEM).
• Strong scripting/coding skills (Python, Java, JavaScript, or similar).
• Excellent problem-solving skills and ability to work collaboratively in a fast-paced biotech environment.
• Familiarity with regulatory compliance in biotech or healthcare a plus.

Additional Qualifications highly preferred:

• Certifications such as CISSP, CCSP, AWS/Azure Security Specialty, or GIAC.
• Exposure to biotech or healthcare compliance frameworks (HIPAA, GxP).
• Experience with SIEM tools (Splunk, ELK, Datadog Security).
• Background in threat hunting, penetration testing, or forensics.
• Strong mentorship, training, or leadership skills.