Senior Cloud Engineer - Security

Summary

Join Centric Software as a Senior Cloud Engineer - Security and play a crucial role in securing our cloud infrastructure. This remote position, open to candidates in Canada and the US, requires expert-level knowledge of cloud security architectures and practices across AWS, Azure, and GCP. You will implement and optimize DevSecOps processes, design robust security solutions, and manage cloud security threats and vulnerabilities. The ideal candidate possesses 6+ years of experience in a security-focused role and a deep understanding of security best practices and compliance frameworks. This role demands hands-on experience with DevOps tools, automation, and scripting. A competitive salary and benefits package are offered.

Requirements

• Proven experience (6+ years) in a security focused role
• In-depth knowledge of security best practices and industry standards
• Understanding and hands-on experience with cloud platforms
• Experience with cloud-native and serverless technologies
• Experience in making nuanced threat and risk assessments
• Experience with NIST, SOX, ISO, SOC2, GDPR, and other compliance and regulatory frameworks
• Experience in building repeatable/reusable security processes and frameworks
• Hands-on experience with DevOps tools and practices (e.g., CI/CD, containerization, infrastructure as code)
• Must have experience in automation, scripting, and business intelligence

Responsibilities

• Implement and optimize DevSecOps automation processes, ensuring seamless integration of security into the development lifecycle
• Design and implement robust security solutions for cloud environments across multiple cloud platforms (AWS, Azure, GCP)
• Demonstrate an understanding of Infrastructure as Code (IaC) best practices and possess strong experience in building Terraform modules and CloudFormation stacks for AWS
• Understanding of server orchestration and configuration practices and strong experience in key technologies such as Ansible or Puppet
• Responsible for managing cloud security, which includes identifying, tracking, and advising on all cloud security threats and vulnerabilities
• Responsible for investigating, remediating, and conducting root cause analysis of all cloud security events escalated from EDRs, CSPMs, SIEMs, and other notification mechanisms
• Evaluate and deploy advanced cloud-native security tools and technologies
• Work closely with relevant teams to foster a culture of security and ensure a unified approach to securing cloud infrastructure
• Stay updated on emerging technologies in cloud security, AI, and automation, and apply innovative solutions to enhance the security framework

Preferred Qualifications

• Experience in deploying SIEM solutions (Exabeam)
• Experience in EDR and CSPM solutions (Crowdstrike)
• Experience with SAST, DAST and SCA tools (Veracode, Black Duck)
• Experience with SDLC, version control and DevSecOps practices
• Certifications such as AWS Certified Security, Azure Security Engineer, CISSP, CISM are a plus

Benefits

The US base salary range for this full-time position is $160,000 - $200,000 + benefits