Cloud Security Engineer
Arkhya Tech
Newark, United States of America
yesterday
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Newark, United States of America
Tech stack
Artificial Intelligence
Amazon Web Services (AWS)
User Authentication
Azure
Cloud Computing
Cloud Computing Security
Continuous Integration
Python
Key Management
OAuth
OpenID
Powershell
Role-Based Access Control
Azure
Security Information and Event Management
Policy as Code
Google Cloud Platform
Enterprise Software Applications
Large Language Models
Terraform
Job description
We are seeking a Senior Cloud Security Engineer to own cloud security remediation, hardening, and security posture improvement across our Azure environment. This is a hands-on engineering role focused on permanently resolving security findings, implementing preventive controls, and enforcing secure-by-design practices., * Own end-to-end remediation of security findings from Security teams, Microsoft Defender for Cloud, and other security tools.
- Identify root causes and implement permanent fixes using policy-as-code, automation, and security guardrails.
- Manage and secure Microsoft Entra ID (Azure AD), including App Registrations, Enterprise Applications, Conditional Access, RBAC, and least-privilege access.
- Secure authentication mechanisms including OIDC, OAuth 2.0, PKCE, JWT, and mTLS.
- Build and enforce security controls using Terraform and Azure Policy.
- Improve cloud security posture through Microsoft Defender for Cloud and CSPM initiatives.
- Strengthen privileged access security using MFA, PIM, and Just-In-Time access.
- Implement security controls for AI workloads, AI agents, and modern cloud services.
Requirements
- 8+ years of Cloud Security / Security Engineering experience.
- Strong Azure Security and Microsoft Entra ID expertise.
- Hands-on experience with Terraform, Azure Policy, and Policy-as-Code.
- Experience with Microsoft Defender for Cloud and CSPM.
- Knowledge of OIDC, OAuth 2.0, PKCE, JWT, and mTLS.
- Proven experience remediating and preventing recurring security findings.
- Understanding of AI security concepts and controls.
Preferred Skills
- AWS or Google Cloud Platform security experience.
- CI/CD Security, Secrets Management, and SIEM/SOAR.
- PowerShell and Python automation.
- Experience securing AI/LLM-based solutions.
Certifications: AZ-500, SC-300, SC-100, CISSP.