Cloud Security Engineer

Security Risk Advisors Intl., LLC (SRA) is offering a Cloud Security Engineer position. This roleis responsible fordesigning, implementing, andmaintainingsecurity controls across SRA's multi-cloud environment, spanning Microsoft Azure/Entra ID, Google Cloud Platform (GCP), and Amazon Web Services (AWS). The Cloud Security Engineer will work closely with internal IT, security operations, and engineering teams to ensure cloud infrastructure is deployed andmaintainedin a secure, compliant, and resilient manner.

Essential Functions

• Design, implement, andmaintaincloud security architectures across Azure/Entra ID, GCP, and AWS environments.

• Administer and continuously improve cloud identity and access management (IAM) policies, roles, and privilege models across all three platforms.

• Monitor cloud environments for misconfigurations, threats, and vulnerabilities using cloud-native and third-party security tooling (e.g., Defender for Cloud, Security Command Center, AWS Security Hub).

• Operationalize cloud vulnerability and patch management processes, ensuringtimelyremediation of identified risks.

• Implement andmaintainCloud Security Posture Management (CSPM) solutions to enforce security baselines and compliance standards.

• Develop and enforce cloud security policies, standards, and guardrails (e.g., Azure Policy, GCP Organization Policies, AWS SCPs).

• Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines and infrastructure-as-code (IaC) workflows.

• Conduct cloud security assessments and architecture reviews for new and existing environments.

• Support incident response activities related to cloud infrastructure, including investigation, containment, and remediation.

• Create andmaintaintechnical documentation for cloud security architectures, configurations, and operational procedures.

• Research and evaluate emerging cloud security technologies and provide recommendations for adoption.

• Developdetectioncontent and security analytics in SRA's internal SOC applicable to cloud environments.

Requirements

Competencies

In-depth understanding of:

• Microsoft Azure and Entra ID, including conditional access, PIM, and Defender for Cloud

• Google Cloud Platform (GCP) security services, including Security Command Center, IAM, and VPC Service Controls

• Amazon Web Services (AWS) security services, including IAM,GuardDuty, Security Hub, and AWS Config

• Cloud identity and access management principles and zero trust architecture

Working knowledge of:

• Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP)

• Infrastructure-as-Code (IaC) tools such as Terraform, Bicep, or CloudFormation

• Networking concepts as applied to cloud environments (VPCs, peering, private endpoints, firewalls)

• SIEM and EDR technologies in cloud-integrated environments

Experience with:

• CI/CD pipeline security andDevSecOpspractices

• Organizing or supporting penetration testing, purple team exercises, or cloud-focused security assessments

• Compliance frameworks relevant to cloud environments (e.g., CIS Benchmarks, NIST CSF, SOC 2)

Moderate experience with:

• Scripting and automation using Python, PowerShell, or Bash

• Automation via tools such as Power Automate, Logic Apps, or cloud-native orchestration services

Supervisory Responsibility

None

Work Environment

This joboperates on-sitein a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employeeis regularly required totalk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employeefrequentlyis required tostand and walk. This is alargely sedentaryrole.

Candidates with disabilities are encouraged to apply and [email protected] any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.

Position Type/Expected Hours of Work

This is a full-timepositionand hours of work and days are Monday through Friday 8:30am to 5pm.Occasional evening and weekend work may berequiredas job duties demand.

Travel

Less than 5%.

Required Education and Experience

• Punctuality andtimelyattendance to external client and internal stakeholder needs.

• Abachelor's degree in Information Technology, Computer Science, or a similar field of study, or equivalent experience.

• 3+ years of hands-on experience in cloud security engineering or a related role, with demonstrable experience across at least two of the three major cloud platforms (Azure, GCP, AWS).

• Relevant cloud security certifications preferred (e.g., AZ-500, SC-100, Google PCSE, AWS Security Specialty).

• A passionfor learning about cloud security, emerging technologies, and threat landscapes.

• Excellent verbal and written communication skills.

• Strong time management and organizational skills.

Other Duties

Pleasenotethis job description is not designed to cover orcontaina comprehensive listing of activities, duties or responsibilities that arerequired ofthe employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.

EEO Statement

Security Risk Advisorsisan Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.

Benefits

Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA.

Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video, and phone sessions.

Medical / Dental / Other (regular full-time employees only)

• Generous medical, dental, and vision benefits at different price points.

• Company-paid disability and life insurance.

• Company 401(k) plan including annual 3% safe harbor contribution.

• Free patient advocacy service that helps find care providers and resolve insurance queries.

• Free financial advising.

• Generous parental leave, sick leave, and vacation policies.

• Possibility to work remotely or with a flexible schedule when needed and approved.

• Company-paid cell phone with discounted accessories.

• 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000.

• Other discounted, employee-paid benefits including pet insurance, legal support, and voluntary life insurance.

SRAs mission is tolevel up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself onmaintaininga culture where team members have a shared sense of support and belonging, consistent withour ItsPersonal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been nameda BestPlace to Work by the Philadelphia Business Journal.

These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but candemonstrateexcellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.

Salary Range: $90k - 130k