About

We’re looking for a Cloud Security & Governance Engineer who can design, automate, and enforce cloud controls at scale. If you enjoy building policy-as-code frameworks, enabling shift-left security, and strengthening cloud governance across complex environments, this role is for you.The RoleYou’ll own the design and implementation of organization-wide cloud controls across AWS and Azure. You’ll work closely with DevOps, Security, Risk, and Compliance teams to embed secure-by-default practices and ensure continuous adherence to security and regulatory requirements. This is a hands-on engineering role where you’ll build automation, develop policy frameworks, and help teams remediate issues efficiently.Key ResponsibilitiesDesign, implement, and manage organization-wide cloud controls using Azure Policies, AWS Organizations, SCPs, Config Rules, and Cloud CustodianArchitect and enforce Zero Trust and least-privilege models (RBAC, PBAC), region restrictions, and platform security controlsCollaborate with DevOps/Cybersecurity teams to resolve non-compliant cloud resourcesMonitor control effectiveness and drive continuous improvement of cloud governanceProvide technical leadership and mentor teams on cloud policy best practicesWork with risk, compliance, and audit teams to produce control evidenceImplement and manage CNAP policies using Wiz for posture assessment and remediationEmbed security early by integrating vulnerability scanning, IaC policy enforcement, and compliance checks into GitLab CI/CDDevelop policy-as-code frameworks using OPA/Rego to prevent misconfigurations pre-deploymentIntegrate security controls into Terraform and other IaC workflowsChampion shift-left practices—enabling developers to self-remediate issues during build and coding stagesBuild SOAR playbooks to automate response and remediation workflow