Senior Cloud Security Engineer

We are seeking a Senior Cloud Security Engineer to design, implement, and maintain secure, compliant, and resilient cloud infrastructures across AWS, Azure, and GCP. The role requires deep technical expertise in cloud security, compliance with regional and global regulations, and the ability to drive security transformation for mission-critical environments.

The candidate will work closely with architecture, DevOps, SOC, and regulatory teams to protect cloud workloads, ensure compliance, and strengthen trust in digital services.

Key Responsibilities

• Lead secure cloud architecture design and reviews for IaaS, PaaS, and SaaS workloads.

• Implement Identity and Access Management (IAM), RBAC, MFA, SSO, and secrets management.

• Build and enforce cloud security governance frameworks aligned with ISO 27001, NIST CSF, CIS benchmarks, and GCC regulatory bodies.

• Secure cloud networks (VPCs/VNets, security groups, firewalls, segmentation, VPN, private endpoints).

• Manage encryption, KMS/HSM, PKI, and secure key lifecycle management.

• Integrate security into CI/CD pipelines with DevSecOps practices (IaC scanning, SAST, DAST, container security).

• Deploy and manage cloud-native security tools (AWS GuardDuty, Azure Defender, GCP SCC).

• Threat detection and monitoring using SIEM/SOAR (Splunk, Sentinel, QRadar, Elastic).

• Conduct vulnerability management and remediation for cloud workloads, including containers and serverless.

• Lead incident response, digital forensics, and root cause analysis for cloud incidents.

• Ensure compliance with GCC and international data regulations (see section below).

• Mentor junior engineers and promote a security-first culture across teams.

• Strong expertise in AWS, Azure, and/or GCP cloud security services.

• DevSecOps & IaC Security (Terraform, CloudFormation, ARM Templates, Kubernetes, Docker security).

• Zero Trust Architecture and SASE frameworks.

• Cloud Posture Management (CSPM) and Workload Protection (CWPP) tools.

• Familiarity with multi-cloud and hybrid cloud models.

• Strong scripting & automation (Python, Bash, PowerShell).

• API security, microservices security, and serverless protection.

• Threat intelligence & SOC collaboration.

• Regulatory & Compliance Knowledge (GCC Focus)

Qualifications

• Bachelor’s or Master’s in Computer Science, Information Security, or equivalent.

• 6–10+ years in cybersecurity, with 4+ years focused on cloud security engineering.

• Hands-on multi-cloud experience (AWS, Azure, GCP).

• Deep understanding of network security, IAM, and encryption.

• Strong incident response and forensic skills in cloud environments.

• Certifications (highly valued in GCC):

o AWS Certified Security – Specialty

o Microsoft Certified: Azure Security Engineer Associate / Expert

o Google Professional Cloud Security Engineer

o CISSP / CCSP

o CISM / ISO 27001 Lead Implementer (bonus)

Job Type: Full-time