Sr. Cloud Security Engineer (Remote)

IF
Inspira Financial

Oak Brook, IL, USA

Posted on Jul 14, 2026

The Sr. Cloud Security Engineer (Sr. CSE) is a hybrid cloud and security engineering role responsible for the hands-on remediation of infrastructure and cloud vulnerabilities, ensuring cloud and infrastructure resources maintain compliance with established policies and Minimum-Security Baselines (MSBs), and reporting the organization's current compliance posture. The Sr. CSE will partner with the Security team to define, author, and maintain cloud security policies - keeping pace with evolving industry trends and regulatory requirements. This role will also actively participate in audit activities, including evidence gathering, reporting, and cross-functional collaboration with Compliance, Legal, and IT teams. 

 

Duties & Responsibilities: 

Vulnerability Remediation & Security Operations 

  • Perform hands-on remediation of infrastructure and cloud vulnerabilities, driving issues to closure within established SLAs and policy requirements 
  • Operate and administer vulnerability management and cloud security posture management (CSPM/DSPM) tooling - managing scan coverage, remediating findings, and reporting on SLA adherence 
  • Identify, prioritize, and remediate cloud misconfigurations and security posture gaps across the organization's Azure subscriptions and infrastructure 
  • Implement and validate security controls across cloud-native services, IaaS, PaaS, and container-based workloads 
  • Maintain and enforce secure configurations across firewalls, network security components, application delivery infrastructure, and compute platforms in partnership with the Security Team 
  • When needed, assist with privileged credential hygiene, certificate lifecycle, and secrets governance across the environment 
  • Support the hardening of Windows and Linux server environments through configuration management and compliance-as-code practices 
  • Maintain awareness of known and emerging vulnerabilities across the full technology stack - cloud services, OS platforms, network components, and application runtimes 

 

 

Compliance, Policy & Reporting 

 

  • Monitor and report the organization's compliance posture against established security policies, baselines, and regulatory frameworks 
  • Partner with the Security team to define, author, and maintain cloud and infrastructure security policies - keeping pace with evolving industry trends and regulatory requirements 
  • Review and update existing policies on a regular cadence to reflect changes in the cloud environment and threat landscape 
  • Produce accuratetimely compliance posture reports for leadership - covering baseline adherence, vulnerability SLA performance, and remediation progress 
  • Coordinate and assist in evidence collection and audit maintenance for internal and external organizational assessments, including regulatory audits and third-party risk reviews 
  • Respond to findings from audits, security questionnaires, and internal/external scanning or penetration testing 

 

CI/CD Pipeline & Infrastructure Security 

 

  • Partner with Software Engineering and App Security  teams to embed security into CI/CD pipelines and deployment workflows - including secret scanning, least-privilege deployment identities, and secrets management integration 
  • Review and advise on Infrastructure-as-Code (IaC) implementations from a security perspective, ensuring patterns align with security baselines and organizational standards 
  • Support secure configuration management across server and cloud environments 
  • Ensure PKI and certificate management practices are maintained across the environment - including TLS/SSL lifecycle, renewal processes, and certificate inventory 

 

Technical Leadership & Mentorship 

 

  • Serve as an informal technical leader and security subject matter expert across Cloud Engineering, Platform Engineering, and adjacent teams 
  • Mentor engineers on security best practices, secure design patterns, and compliance requirements - elevating security competency across the department without direct people management responsibilities 
  • Contribute to architecture and design reviews, providing a security lens on cloud platform decisions in partnership with the Cloud Architect 

 

Cross-Team Collaboration 

 

  • Cloud Engineering & Platform Engineering - consult on secure architecture, container platform hardening, network segmentation, and pipeline security practices 
  • Identity & Access Management (IAM) - partner on identity governance, privileged access management, and access control policy enforcement 
  • Incident Response / Vulnerability Management - collaborate with the Security Detection & Response team on vulnerability prioritization, SLA tracking, remediation coordination, and incident response activities 
  • Audits & Assessments - provide technical support for evidence gathering, compliance posture reporting, and audit response 
  • Application Development Teams - consult on security requirements for cloud-native application platforms, ensuring developer environments are built securely from the ground up 

 

Additional Requirements:

As part of the evaluation process, candidates who progress beyond the initial screening will be required to complete a formal technical assessment to validate coding proficiency and technical competency.