Cloud Security Engineer

Arkhya Tech
Newark, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Newark, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
User Authentication
Azure
Cloud Computing
Cloud Computing Security
Continuous Integration
Python
Key Management
OAuth
OpenID
Powershell
Role-Based Access Control
Azure
Security Information and Event Management
Policy as Code
Google Cloud Platform
Enterprise Software Applications
Large Language Models
Terraform

Job description

We are seeking a Senior Cloud Security Engineer to own cloud security remediation, hardening, and security posture improvement across our Azure environment. This is a hands-on engineering role focused on permanently resolving security findings, implementing preventive controls, and enforcing secure-by-design practices., * Own end-to-end remediation of security findings from Security teams, Microsoft Defender for Cloud, and other security tools.

  • Identify root causes and implement permanent fixes using policy-as-code, automation, and security guardrails.
  • Manage and secure Microsoft Entra ID (Azure AD), including App Registrations, Enterprise Applications, Conditional Access, RBAC, and least-privilege access.
  • Secure authentication mechanisms including OIDC, OAuth 2.0, PKCE, JWT, and mTLS.
  • Build and enforce security controls using Terraform and Azure Policy.
  • Improve cloud security posture through Microsoft Defender for Cloud and CSPM initiatives.
  • Strengthen privileged access security using MFA, PIM, and Just-In-Time access.
  • Implement security controls for AI workloads, AI agents, and modern cloud services.

Requirements

  • 8+ years of Cloud Security / Security Engineering experience.
  • Strong Azure Security and Microsoft Entra ID expertise.
  • Hands-on experience with Terraform, Azure Policy, and Policy-as-Code.
  • Experience with Microsoft Defender for Cloud and CSPM.
  • Knowledge of OIDC, OAuth 2.0, PKCE, JWT, and mTLS.
  • Proven experience remediating and preventing recurring security findings.
  • Understanding of AI security concepts and controls.

Preferred Skills

  • AWS or Google Cloud Platform security experience.
  • CI/CD Security, Secrets Management, and SIEM/SOAR.
  • PowerShell and Python automation.
  • Experience securing AI/LLM-based solutions.

Certifications: AZ-500, SC-300, SC-100, CISSP.

Apply for this position