Cloud Security Engineer
Position Summary
The Cloud Security Engineer (Advisory) plays a key role within the Information Security organization, providing technical and advisory guidance to strengthen the security of the firm’s cloud environment. Primarily Microsoft Azure, with expanding presence in AWS and Google Cloud Platform (GCP), 21ViaNet, Microsoft GCC.
Key Responsibilities
Partners with Cloud Services and IAM teams to ensure cloud configurations and identity controls meet firm security standards and compliance requirements
Participates in cloud architecture and design reviews, providing actionable recommendations that balance security, usability, and performance
Assists teams in interpreting and applying approved cloud security standards, policies, and baseline configurations
Provides advisory support for cloud security posture management (CSPM) findings helping to prioritize remediation and validate risk mitigation strategies
Supports data protection efforts by advising on encryption, information classification, and use of Microsoft Purview or equivalent tools
Collaborates with Information Governance, Risk, and Compliance teams to support audits and provide evidence of effective cloud security controls
Participates in the Information Security on call rotation, responding to incidents and assisting with cloud related investigations and remediation efforts
Maintains awareness of new cloud security features and shares practical recommendations to improve security posture across all cloud platforms
Contributes to internal technical documentation, such as standards, guidelines, and best practice advisories for cross team use
Performs other information security related tasks as assigned by management, supporting departmental objectives in risk reduction and security operations
Participates in the firm’s annual policy and SOP review process
Participates in the firm’s ISO certification process for cloud (ISO27017)
Qualifications
Working knowledge of AWS and GCP foundational security concepts (IAM, networking, encryption, monitoring)
Familiarity with CSPM/DSPM tools (e.g., Microsoft Defender for Cloud) and cloud compliance frameworks (CIS, NIST, CSA, ISO)
Strong understanding of identity and access management in cloud environments (RBAC, conditional access, privilege management)
Solid technical acumen to support incident response and analysis involving cloud workloads
Clear and confident communication skills, especially when conveying technical recommendations under time sensitive conditions
Detail oriented and able to collaborate effectively across multiple technology teams
Creates and delivers presentations to various audiences
Appears on camera for meetings with colleagues and vendors
Experience supporting incident response and on call functions within an information security context strongly desired
Experience working within regulated, legal, or professional services environments preferred but not required
Proficient in incorporating A.I. tools (GenAI, AI Assistants, Agentic AI, etc.) in day-to-day work