Lead Cloud Security Engineer
Chamberlain Group · Oak Brook, IL · 5 days ago
HybridInformation Technology$103k–$193k/yrFull-time
Architect and enforce cloud security controls
- Design and implement cloud security controls across AWS and Azure, including IAM policies, network segmentation, encryption, and logging configurations.
- Manage and optimize cloud security posture management (CSPM) and cloud workload protection (CWPP) tooling.
- Conduct cloud security assessments, identify misconfigurations, and drive remediation with engineering teams.
- Design and implement guardrails for Infrastructure-as-Code (IaC) pipelines (Terraform, CloudFormation, Bicep) to prevent insecure deployments.
Monitor and respond to cloud-specific threats
- Monitor and respond to cloud-specific threats, integrating cloud telemetry into SIEM and detection workflows.
Evaluate and harden container and serverless architectures
- Evaluate and harden container and serverless architectures (EKS, ECS, Lambda, AKS, Azure Functions).
Support incident response activities
- Support incident response activities for cloud-based security events.
Partner with Engineering and Application Development teams
- Partner with Engineering, and Application Development teams to embed security into CI/CD pipelines.
- Provide technical input on cloud security tooling decisions, vendor evaluations, and proof-of-concept testing.
Stay current on cloud provider security features
- Stay current on cloud provider security features, emerging threats, and evolving compliance requirements (SOC 2, ISO 27001, NIST CSF, PCI DSS as applicable).
Protect Chamberlain Group’s reputation
- Protect Chamberlain Group’s reputation by keeping information confidential.
Communicate and collaborate
- Maintain transparent communication by appropriately communicating organization information to team through department meetings, one-on-one meetings, appropriate email, IM and regular interpersonal communications.
- Lead and motivate individuals and teams to create a workplace culture that is consistent.
- Collaborate with engineering, IT, and product teams.
Performance Management and Compensation
- Drive the performance management and compensation processes by communicating job expectations, monitoring and evaluating performance, providing feedback and facilitating employee development per the company’s policies.
Workplace Culture
- Lead and motivate individuals and teams to create a workplace culture that is consistent.
Qualifications
- Education/Certifications: Bachelor's degree in Computer Science, Information Security, Information Technology, or a related field. Experience: 7+ years of progressive experience in information security, with at least 4 years focused on cloud security engineering.
- Knowledge, Skills, and Abilities: Deep hands-on experience with both AWS and Microsoft Azure security services, including: AWS: IAM, GuardDuty, Security Hub, CloudTrail, Config, KMS, VPC security, WAF, Organizations/SCPs. Azure: Entra ID, Defender for Cloud, Azure Policy, Key Vault, NSGs, Azure Monitor, Sentinel.
- Strong experience with cloud security posture management (CSPM) platforms (e.g., Wiz, Orca, Rapid7 InsightCloudSec, CrowdStrike Falcon Cloud Security, or equivalent).
- Working knowledge of Infrastructure-as-Code (Terraform, CloudFormation, or ARM/Bicep templates) and securing IaC pipelines.
- Experience with container security (Docker, Kubernetes) and serverless security patterns.
- Capable of persuading non-security leaders (e.g., IT Ops, Engineering, Product) by linking security initiatives to operational continuity, consumer trust, and compliance posture.
- Solid understanding of network security principles applied to cloud environments (VPCs, transit gateways, private endpoints, zero trust network architecture).
- Familiarity with CI/CD security integration and DevSecOps practices.
- Able to communicate complex technical concepts to both engineering peers and non-technical stakeholders.
Pay Range
The pay range for this position is $102,600.00 - $193,425.00; base pay offered may vary depending on a number of factors including, but not limited to, the position offered, location, education, training, and/or experience.
Benefits
- A comprehensive benefits package.
- 401k contribution (all benefits are subject to eligibility requirements).
Short-Term Incentive Plan
- This position is eligible for participation in a short-term incentive plan subject to the terms of the applicable plans and policies.