Cloud Support Engineer - Security

The Cloud Support Engineer - Security is responsible for the day-to-day security posture of cloud platforms and services, with a focus on AWS and Azure and supporting platforms such as M365 and Databricks. This role partners with engineering and operations teams to design secure cloud architectures, implement preventative and detective controls, monitor for threats, respond to incidents, and continuously improve compliance and governance across cloud environments., * Secure Architecture & Design Reviews: Provide security guidance for cloud architectures and changes (network segmentation, private connectivity, encryption patterns, key management), and review designs for risk and alignment to standards.

• Identity & Access Management (IAM): Implement and maintain least-privilege access using AWS IAM/Organizations and Azure Entra ID/RBAC, including privileged access workflows, role design, service principals, and periodic access reviews.
• Security Monitoring & Detection Engineering: Enable and tune cloud-native security signals (e.g., CloudTrail/Config/GuardDuty, Azure Activity Logs/Defender for Cloud/Sentinel) and ensure centralized logging, alerting, and actionable runbooks.
• Vulnerability & Configuration Management: Drive patching and vulnerability remediation for cloud workloads and platform services; enforce secure configuration baselines and continuously assess drift using CSPM/configuration tools.
• Security Automation & DevSecOps: Build guardrails and automate security controls with Infrastructure as Code (e.g., Terraform) and scripting (Python/Bash/PowerShell), including policy-as-code, CI/CD checks, and standardized hardened templates.
• Compliance, Risk & Governance: Maintain cloud security standards, support audits (e.g., HITRUST), evidence collection, risk assessments, and exception management; translate control requirements into actionable technical controls.
• Stakeholder Partnership: Collaborate with cloud/platform teams and application owners to prioritize security work, provide guidance, and deliver secure-by-default patterns without blocking delivery., Through a team of professionals ranging from actuaries to clinicians, technology specialists to plan administrators, we offer unparalleled expertise in employee benefits, investment consulting, healthcare, life insurance and financial services, and property and casualty insurance.

• The ideal candidate must have Cloud Certification (Azure Or AWS).

• The ideal candidate must have minimum 5 years of experience in cloud security, cloud engineering with a primary security focus, or security operations supporting public cloud environments.

• The ideal candidate must have minimum 3 years of hands-on security experience in AWS and Azure, including implementing IAM, network security controls, logging/monitoring, and policy enforcement; relevant cloud certifications required (AWS and/or Azure).

• The ideal candidate must have previous experience operating and improving security controls such as CSPM, vulnerability management, SIEM/SOAR, EDR, and incident response processes.

• The ideal candidate must have hands-on scripting/automation experience (Python, Bash, and/or PowerShell) and Infrastructure as Code concepts to automate security checks and guardrails.

• Must have excellent communication skills (verbal and written), with the ability to translate security risk into clear technical and business recommendations.

SKILLS & QUALIFICATIONS PREFERRED:

• HITRUST and/or other regulated-environment experience (e.g., SOC 2, ISO 27001), including audit support and evidence collection.
• Experience securing Databricks and data platforms (workspace access controls, secret scopes, logging, network controls).
• Infrastructure as Code (IaC) experience, especially Terraform, including policy-as-code/guardrails (e.g., Sentinel/OPA) and standardized secure modules.
• Container/Kubernetes security experience (image scanning, admission controls, runtime protections, and cluster hardening).

The overall salary range for this role is $104,900 - $199,065. For candidates residing in:

• Alaska, California, Connecticut, Illinois, Maryland, Massachusetts, New Jersey, New York City, Newark, San Jose, San Francisco, Pennsylvania, Virginia, Washington, or the District of Columbia the salary range is $120,635 - $199,065.
• All other locations the salary range is $104,900 - $173,100., We offer a comprehensive benefits package designed to support employees' health, financial security, and well-being. Benefits include:
• Medical, Dental and Vision - Coverage for employees, dependents, and domestic partners
• Employee Assistance Program (EAP) - Confidential support for personal and work-related challenges
• 401(k) Plan - Includes a company matching program and profit-sharing contributions.
• Discretionary Bonus Program - Recognizing employee contributions
• Flexible Spending Accounts (FSA) - Pre-tax savings for dependent care, transportation, and eligible medical expenses
• Paid Time Off (PTO) - Begins accruing on the first day of work. Full-time employees accrue 15 days per year, and employees working less than full-time accrue PTO on a prorated basis
• Holidays - A minimum of 10 paid holidays per year
• Family Building Benefits - Includes adoption and fertility assistance
• Paid Parental Leave - Up to 12 weeks of paid leave for employees who meet eligibility criteria
• Life Insurance & AD&D - 100% of premiums covered by Milliman
• Short-Term and Long-Term Disability - Fully paid by Milliman

Independent for over 75 years, Milliman delivers market-leading services and solutions to clients worldwide. Today, we are helping companies take on some of the world's most critical and complex issues, including retirement funding and healthcare financing, risk management and regulatory compliance, data analytics and business transformation.