Cloud Security Engineer
About the role
The Senior Cloud Security & Identity Engineer (SecOps) is a senior individual contributor responsible for defining, enforcing, and monitoring cloud security and identity guardrails to ensure cloud workloads are secure, compliant, resilient, and ready for customer usage. Operating within the Cloud Center of Excellence (CCoE) and in close partnership with Software Excellence & Enablement (SEE), this role builds security into the delivery system through consistent baselines, identity patterns, policy-as-code, and evidence-based verification.
Job Functions
- Define, maintain, and evolve cloud security baselines across both Azure and On-Prem environments.
- Design and enforce secure workload identity and access patterns using least privilege principles.
- Implement and maintain policy-as-code guardrails using Azure Policy and Infrastructure-as-Code pipelines.
- Monitor cloud security posture and configure alerts using Defender for Cloud, Sentinel, and Log Analytics.
- Partner with Engineering and Operations to remediate vulnerabilities in a timely and sustainable manner.
- Support Release Readiness, Operational Readiness, and Cloud Activation through objective security evidence.
- Validate backup, restore, and disaster recovery results as part of operational readiness.
- Support security incident triage, investigation, and root-cause analysis for cloud workloads.
- Reduce noise by tuning alerts and focusing on high-signal security indicators.
- Provide clear, practical guidance to engineering teams that enables secure delivery without friction.
- Monitor drift from security standards and drive remediation with clear owners and timelines.
- Provide transparent, factual summaries of cloud security posture, trends, and risks to leadership.
- Build a culture of security awareness and mentor developers and leaders in the principles of software security.
Required Qualifications And Preferred Skills
- Bachelor's Degree in Computer Science, Engineering, Information Systems, or a related technical field; equivalent experience may be considered.
- 4+ years Experience in cloud security, SecOps, cloud identity, or security engineering roles.
- Strong hands-on experience securing cloud workloads in Azure environments.
- Deep knowledge of cloud identity models, including managed identities, service principals, RBAC, and conditional access.
- Familiarity with Azure Policy, Defender for Cloud, Sentinel, and Log Analytics.
- Experience implementing security controls through Infrastructure-as-Code.
- Understanding of modern cloud security principles such as Zero Trust and least privilege.
- Experience supporting incident response and resilience validation.
- Ability to communicate security expectations clearly and pragmatically.
- Experience embedding security into delivery processes rather than retrofitting controls.
- Certifications such as AZ-500, SC-300, SC-100, or equivalent experience (preferred, not required).
About Toyota Automated Logistics
Toyota Automated Logistics is your global partner for integrated warehouse automation. Our team combines the talents of Bastian Solutions, Vanderlande's warehousing business and viastore under one brand to deliver scalable systems, intelligent software and life-cycle services. In addition to exciting work at a growing company, we offer the following benefits:
- Health, Dental, and Vision Insurance
- 401(k) Retirement Plan with a company match
- Vacation / Holiday Pay
- Paid Volunteer time off
- Tuition Reimbursement
- Professional Associations, Conferences and Subscriptions
- Company Meetings & Events