Sr. Cloud Security Engineer (Remote)
Oak Brook, IL, USA
The Sr. Cloud Security Engineer (Sr. CSE) is a hybrid cloud and security engineering role responsible for the hands-on remediation of infrastructure and cloud vulnerabilities, ensuring cloud and infrastructure resources maintain compliance with established policies and Minimum-Security Baselines (MSBs), and reporting the organization's current compliance posture. The Sr. CSE will partner with the Security team to define, author, and maintain cloud security policies - keeping pace with evolving industry trends and regulatory requirements. This role will also actively participate in audit activities, including evidence gathering, reporting, and cross-functional collaboration with Compliance, Legal, and IT teams.
Duties & Responsibilities:
Vulnerability Remediation & Security Operations
- Perform hands-on remediation of infrastructure and cloud vulnerabilities, driving issues to closure within established SLAs and policy requirements
- Operate and administer vulnerability management and cloud security posture management (CSPM/DSPM) tooling - managing scan coverage, remediating findings, and reporting on SLA adherence
- Identify, prioritize, and remediate cloud misconfigurations and security posture gaps across the organization's Azure subscriptions and infrastructure
- Implement and validate security controls across cloud-native services, IaaS, PaaS, and container-based workloads
- Maintain and enforce secure configurations across firewalls, network security components, application delivery infrastructure, and compute platforms in partnership with the Security Team
- When needed, assist with privileged credential hygiene, certificate lifecycle, and secrets governance across the environment
- Support the hardening of Windows and Linux server environments through configuration management and compliance-as-code practices
- Maintain awareness of known and emerging vulnerabilities across the full technology stack - cloud services, OS platforms, network components, and application runtimes
Compliance, Policy & Reporting
- Monitor and report the organization's compliance posture against established security policies, baselines, and regulatory frameworks
- Partner with the Security team to define, author, and maintain cloud and infrastructure security policies - keeping pace with evolving industry trends and regulatory requirements
- Review and update existing policies on a regular cadence to reflect changes in the cloud environment and threat landscape
- Produce accurate, timely compliance posture reports for leadership - covering baseline adherence, vulnerability SLA performance, and remediation progress
- Coordinate and assist in evidence collection and audit maintenance for internal and external organizational assessments, including regulatory audits and third-party risk reviews
- Respond to findings from audits, security questionnaires, and internal/external scanning or penetration testing
CI/CD Pipeline & Infrastructure Security
- Partner with Software Engineering and App Security teams to embed security into CI/CD pipelines and deployment workflows - including secret scanning, least-privilege deployment identities, and secrets management integration
- Review and advise on Infrastructure-as-Code (IaC) implementations from a security perspective, ensuring patterns align with security baselines and organizational standards
- Support secure configuration management across server and cloud environments
- Ensure PKI and certificate management practices are maintained across the environment - including TLS/SSL lifecycle, renewal processes, and certificate inventory
Technical Leadership & Mentorship
- Serve as an informal technical leader and security subject matter expert across Cloud Engineering, Platform Engineering, and adjacent teams
- Mentor engineers on security best practices, secure design patterns, and compliance requirements - elevating security competency across the department without direct people management responsibilities
- Contribute to architecture and design reviews, providing a security lens on cloud platform decisions in partnership with the Cloud Architect
Cross-Team Collaboration
- Cloud Engineering & Platform Engineering - consult on secure architecture, container platform hardening, network segmentation, and pipeline security practices
- Identity & Access Management (IAM) - partner on identity governance, privileged access management, and access control policy enforcement
- Incident Response / Vulnerability Management - collaborate with the Security Detection & Response team on vulnerability prioritization, SLA tracking, remediation coordination, and incident response activities
- Audits & Assessments - provide technical support for evidence gathering, compliance posture reporting, and audit response
- Application Development Teams - consult on security requirements for cloud-native application platforms, ensuring developer environments are built securely from the ground up
Additional Requirements:
As part of the evaluation process, candidates who progress beyond the initial screening will be required to complete a formal technical assessment to validate coding proficiency and technical competency.