Cloud Security Engineer

• Bachelor's degree in Computer Science, Information Security, or related field.
• 7+ years of experience in security engineering, cloud security, or compliance roles.
• Strong knowledge of cloud security principles, architectures, and practices.
• Familiarity with security frameworks and best practices: CIS v8, NIST, ISO 27001, CSA.
• Hands-on experience with cloud platforms (AWS, Azure, GCP) and relevant security tools (SIEM, WAF, vulnerability scanners, pen testing tools).
• Experience writing and maintaining security documentation (policies, standards, guidelines).

Technical Expertise:

• Strong understanding of OWASP Web/API vulnerabilities (CSRF, XSS, SQL Injection, etc.) and appropriate mitigations.
• Expertise in API security mechanisms (OIDC, OAuth2, Spring Security, HMAC, WS-Security, WS-Trust).
• Solid grasp of cryptographic concepts (Encryption, Authentication, Symmetric & Asymmetric Cryptography).
• Scripting experience in Python, Bash, or PowerShell for automation and tooling.
• In-depth knowledge of regulatory compliance standards: SOC 2, PCI DSS, HIPAA, GDPR.

Soft Skills:

• Excellent communication skills, able to explain complex security concepts to technical and non-technical audiences.
• Strong attention to detail, with a focus on quality assurance and documentation.
• Effective collaborator with cross-functional teams in cloud and security environments.

Certifications (Mandatory):

• One or more: AWS Certified Security – Specialty, Azure Security Engineer, CCSK, CCSP.