Cloud Security Engineer (Remote Eligible)

Ardent Mills

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in computer science/engineering or equivalent experience.
  • 4-7 years of cloud security engineering experience with a major cloud service provider (CSP).
  • Strong knowledge of IAM, networking, encryption, and cloud-native security tools.
  • Experience securing hybrid environments (on-premises and Azure).
  • Proficiency in scripting/automation (Python, Bash, PowerShell; Terraform, Bicep, ARM).
  • Relevant certifications such as CCSP, AWS Certified Security - Specialty, or Azure Security Engineer Associate.

Responsibilities

  • Lead design and implementation of cloud landing zones and network controls.
  • Configure cloud-native security services like Microsoft Defender for Cloud.
  • Build posture management and workload protection with policy-as-code.
  • Implement key management and encryption using cloud services.
  • Establish logging, telemetry, and alerting integrated with SIEM/XDR.
  • Determine architecture to enhance security for serverless containers and managed services.
  • Perform threat modeling and security reviews of architectures and designs.
  • Respond to cloud incidents, performing triage and post-incident improvements.
  • Document standards and conduct enablement sessions with dev and ops teams.
  • Contribute to the cloud security strategy and program maturity.

Benefits

  • Remote eligible with occasional after-hours support for incidents.
  • Participates in an on-call rotation for major incidents.
  • Opportunities for professional growth and certifications.
Full Job Description
The Cloud Security Engineer engineers and operates security controls across Azure environments and other leading cloud platforms as needed. This role builds guardrails, monitors posture, and responds to cloud threats while enabling teams to move quickly and safely. Additionally, this role focuses on cloud security architecture, best practices, resource standards, configuration management, and detection.

Cloud Security EngineerPosition Summary:
As a Cloud Security Engineer, you will design, implement, and operate security controls primarily across Microsoft Azure environments, with potential expansion to other leading cloud platforms over time. You will build guardrails, monitor posture, and respond to cloud threats while enabling teams to move quickly and safely. Focus on cloud security architecture, best practices, resource standards, configuration management and detection.
Your responsibilities:
  • Lead design and implementation for cloud landing zones, identity, and network controls (VPC/VNet, security groups/NSGs, private endpoints).
  • Configure cloud-native security services (e.g., Microsoft Defender for Cloud, Microsoft Sentinel, Defender XDR).
  • Build posture management (CSPM) and workload protection (CWPP) with policy-as-code and automated remediation.
  • Implement key management, encryption at rest/in transit, and certificate governance using KMS/Key Vault/Cloud KMS.
  • Establish logging, telemetry, and alerting (Azure Monitor) integrated to SIEM/XDR. Work with key team members across IT and Security to test and validate total coverage / maturity of detection telemetry from cloud native sources.
  • Determine architecture as needed to harden serverless containers, and managed services (Functions, Logic Apps, Container Apps, AKS, ACI) with baseline controls.
  • Perform threat modeling and security reviews for cloud architectures and application designs.
  • Partner with platform and product teams to deliver IaC guardrails, image baselines, and patch/vulnerability workflows.
  • Respond to cloud incidents as a point of escalation; perform triage, containment, and post-incident improvements. Develop automation architecture where applicable to optimize cloud detection and response capabilities. Leverage automation and AI-assisted capabilities where appropriate to enhance cloud detection and response.
  • Document standards and runbooks; conduct enablement sessions with dev and ops teams.
  • Design partner in cloud security strategy and program maturity.
Essential skills and experience:
  • Bachelor's in computer science/engineering or equivalent experience.
  • 4-7 years in cloud security engineering across at least one major CSP.
  • Strong knowledge of IAM, networking, encryption, and cloud-native security tooling.
  • Experience securing hybrid environments spanning on-premises and Azure cloud.
  • Scripting/automation expertise (Python/Bash/PowerShell; Terraform/Bicep/ARM).
  • Certifications: CCSP; AWS Certified Security - Specialty, Azure Security Engineer Associate (AZ-500), or Google Professional Cloud Security Engineer.
Good to have:
  • Experience with CIEM solutions and multi-cloud governance.
  • Certifications: GIAC Cloud (GCSA/GPCS), CNCF CKA/CKS, vendor pro-level architect certs.
Physical requirements and working conditions (with or without reasonable accommodation):
  • Remote eligible; occasional after-hours support for incidents. On-call rotation for major incidents.
Other considerations:
  • May support cloud migration programs and control design reviews.

Similar Jobs

More Jobs at Ardent Mills

More Information Technology Jobs

Find similar Cloud Security Engineer (Remote Eligible) jobs: