Cloud Security Engineer

Security Risk Advisors Intl., LLC (SRA) is offering a Cloud Security Engineer position. This role is responsible for designing, implementing, and maintaining security controls across SRA's multi-cloud environment, spanning Microsoft Azure/Entra ID, Google Cloud Platform (GCP), and Amazon Web Services (AWS). The Cloud Security Engineer will work closely with internal IT, security operations, and engineering teams to ensure cloud infrastructure is deployed and maintained in a secure, compliant, and resilient manner. 

Essential Functions 

• Design, implement, and maintain cloud security architectures across Azure/Entra ID, GCP, and AWS environments. 

• Administer and continuously improve cloud identity and access management (IAM) policies, roles, and privilege models across all three platforms. 

• Monitor cloud environments for misconfigurations, threats, and vulnerabilities using cloud-native and third-party security tooling (e.g., Defender for Cloud, Security Command Center, AWS Security Hub). 

• Operationalize cloud vulnerability and patch management processes, ensuring timely remediation of identified risks. 

• Implement and maintain Cloud Security Posture Management (CSPM) solutions to enforce security baselines and compliance standards. 

• Develop and enforce cloud security policies, standards, and guardrails (e.g., Azure Policy, GCP Organization Policies, AWS SCPs). 

• Collaborate with engineering and DevOps teams to embed security into CI/CD pipelines and infrastructure-as-code (IaC) workflows. 

• Conduct cloud security assessments and architecture reviews for new and existing environments. 

• Support incident response activities related to cloud infrastructure, including investigation, containment, and remediation. 

• Create and maintain technical documentation for cloud security architectures, configurations, and operational procedures. 

• Research and evaluate emerging cloud security technologies and provide recommendations for adoption. 

• Develop detection content and security analytics in SRA's internal SOC applicable to cloud environments. 

Competencies 

In-depth understanding of: 

• Microsoft Azure and Entra ID, including conditional access, PIM, and Defender for Cloud 

• Google Cloud Platform (GCP) security services, including Security Command Center, IAM, and VPC Service Controls 

• Amazon Web Services (AWS) security services, including IAM, GuardDuty, Security Hub, and AWS Config 

• Cloud identity and access management principles and zero trust architecture 

Working knowledge of: 

• Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) 

• Infrastructure-as-Code (IaC) tools such as Terraform, Bicep, or CloudFormation 

• Networking concepts as applied to cloud environments (VPCs, peering, private endpoints, firewalls) 

• SIEM and EDR technologies in cloud-integrated environments 

Experience with: 

• CI/CD pipeline security and DevSecOps practices 

• Organizing or supporting penetration testing, purple team exercises, or cloud-focused security assessments 

• Compliance frameworks relevant to cloud environments (e.g., CIS Benchmarks, NIST CSF, SOC 2) 

Moderate experience with: 

• Scripting and automation using Python, PowerShell, or Bash 

• Automation via tools such as Power Automate, Logic Apps, or cloud-native orchestration services 

Supervisory Responsibility  

None 

Work Environment  

This job operates on-site in a professional office environment or remotely as needed/required. This role routinely uses standard office equipment.  

Physical Demands  

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear; use hands to finger, handle, or feel; and reach with hands and arms. The employee frequently is required to stand and walk. This is a largely sedentary role.  

Candidates with disabilities are encouraged to apply and email careers@sra.io with any questions. Reasonable accommodations may be made to enable disabled individuals to perform the essential functions of this role.  

Position Type/Expected Hours of Work  

This is a full-time position and hours of work and days are Monday through Friday 8:30am to 5pm. Occasional evening and weekend work may be required as job duties demand.  

Travel  

Less than 5%. 

Required Education and Experience 

• Punctuality and timely attendance to external client and internal stakeholder needs. 

• A bachelor's degree in Information Technology, Computer Science, or a similar field of study, or equivalent experience. 

• 3+ years of hands-on experience in cloud security engineering or a related role, with demonstrable experience across at least two of the three major cloud platforms (Azure, GCP, AWS). 

• Relevant cloud security certifications preferred (e.g., AZ-500, SC-100, Google PCSE, AWS Security Specialty). 

• A passion for learning about cloud security, emerging technologies, and threat landscapes. 

• Excellent verbal and written communication skills. 

• Strong time management and organizational skills. 

Other Duties  

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.  

EEO Statement 

Security Risk Advisors is an Equal Opportunity Employer and prohibits discrimination or harassment of any kind. All employment decisions at SRA are based on business needs, job requirements, and individual qualifications, without regard to race, color, sex, sexual orientation, gender identity or expression, age, religion, national origin, disability, marital or family status, veteran status, medical condition, or any similar category protected under federal, state, or local laws.    

Work with Experts: Robust internal training program, plus Company-paid external training. SRA recognizes the value of professional development for employees. Therefore, we encourage our employees to pursue continuing education and role-specific training. Every SRA employee is eligible to attend one training per year paid for by SRA. 

Mental Health Services: SRA has partnered with BetterHelp to provide SRA employees with free mental health support. BetterHelp connects individuals with licensed therapists for chat, video, and phone sessions. 

Medical / Dental / Other (regular full-time employees only) 

• Generous medical, dental, and vision benefits at different price points. 

• Company-paid disability and life insurance. 

• Company 401(k) plan including annual 3% safe harbor contribution. 

• Free patient advocacy service that helps find care providers and resolve insurance queries. 

• Free financial advising. 

• Generous parental leave, sick leave, and vacation policies. 

• Possibility to work remotely or with a flexible schedule when needed and approved. 

• Company-paid cell phone with discounted accessories. 

• 1-2-3 Give Program: 1. SRA will give $1,000 to a charity of your choice. 2. If you give an additional amount (up to $1,000), then 3. SRA will match that amount up to $1,000. 

• Other discounted, employee-paid benefits including pet insurance, legal support, and voluntary life insurance. 

SRA’s mission is to level up every day to protect our clients and their customers. This begins with our team members and their experience. SRA prides itself on maintaining a culture where team members have a shared sense of support and belonging, consistent with our It’s Personal company value. At SRA, we prioritize transparent career pathing, varied DEI programming and community groups, competitive benefits including mental health support, and an emphasis on a sustainable, healthy, and engaging work culture. SRA has twice been named a Best Place to Work by the Philadelphia Business Journal. 

These Essential Functions, Requirements, and Skills are guidelines. If you are a candidate who does not meet this exact job description but can demonstrate excellent organization, attention to detail, professionalism, flexibility, and self-direction in your professional background, we hope you apply. SRA values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, and veterans to apply.  

Salary Range: $90k - 130k