Cloud Security Engineer

As a Cloud Security Engineer, you will design, implement, and operate security controls primarily across Microsoft Azure environments, with potential expansion to other leading cloud platforms over time. You will build guardrails, monitor posture, and respond to cloud threats while enabling teams to move quickly and safely. Focus on cloud security architecture, best practices, resource standards, configuration management and detection. Your responsibilities Lead design and implementation for cloud landing zones, identity, and network controls (VPC/VNet, security groups/NSGs, private endpoints). Configure cloud-native security services (e.g., Microsoft Defender for Cloud, Microsoft Sentinel, Defender XDR). Build posture management (CSPM) and workload protection (CWPP) with policy-as-code and automated remediation. Implement key management, encryption at rest/in transit, and certificate governance using KMS/Key Vault/Cloud KMS. Establish logging, telemetry, and alerting (Azure Monitor) integrated to SIEM/XDR. Work with key team members across IT and Security to test and validate total coverage / maturity of detection telemetry from cloud native sources. Determine architecture as needed to harden serverless containers, and managed services (Functions, Logic Apps, Container Apps, AKS, ACI) with baseline controls. Perform threat modeling and security reviews for cloud architectures and application designs. Partner with platform and product teams to deliver IaC guardrails, image baselines, and patch/vulnerability workflows. Respond to cloud incidents as a point of escalation; perform triage, containment, and post-incident improvements. Develop automation architecture where applicable to optimize cloud detection and response capabilities. Leverage automation and AI-assisted capabilities where appropriate to enhance cloud detection and response. Document standards and runbooks; conduct enablement sessions with dev and ops teams. Design partner in cloud security strategy and program maturity. Essential skills and experience Bachelor's in computer science/engineering or equivalent experience. 4–7 years in cloud security engineering across at least one major CSP. Strong knowledge of IAM, networking, encryption, and cloud-native security tooling. Experience securing hybrid environments spanning on-premises and Azure cloud. Scripting/automation expertise (Python/Bash/PowerShell; Terraform/Bicep/ARM). Certifications: CCSP; AWS Certified Security – Specialty, Azure Security Engineer Associate (AZ-500), or Google Professional Cloud Security Engineer. Good to have Experience with CIEM solutions and multi-cloud governance. Certifications: GIAC Cloud (GCSA/GPCS), CNCF CKA/CKS, vendor pro-level architect certs. Physical requirements and working conditions (with or without reasonable accommodation): Remote eligible; occasional after-hours support for incidents. On-call rotation for major incidents. Other considerations May support cloud migration programs and control design reviews. At Ardent Mills At Ardent Mills, everyone matters and everyone has a voice. We are committed to providing an environment of mutual respect where equal opportunities are available to all applicants and team members and the decisions will be based on merit, competence, performance, and business needs. We are proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, religion, creed, national origin, aboriginality, ancestry, marital status, sex, sexual orientation, gender identity or expression, physical or mental disability, pregnancy, genetic information, veteran status, age, political affiliation, or any other non-merit characteristic protected by law or not. Location: Remote US Employment Type: Full time Competitive Compensation: We provide market-driven base pay, based on skills, abilities, and level of experiences. Our salary ranges are broad, and individual salary will be market competitive based on a candidate's unique set of skills and level of experience. The starting range for this position is $140,000.00 – $200,000.00, with additional earning potential possible commensurate with experience. Additionally, we believe that our team members are the reason for our success and all team members are incentive eligible with a target based on contribution, company performance, and individual results achieved. While the specific bonus plan and target amount will be determined based on the role and breadth of contributions, the targeted bonus plan and targeted percentage amount for this role is Bonus – MIP, 10% Annual. Benefits Medical, Dental and Vision Coverage Health and Dependent Savings Accounts Life and Disability Programs Voluntary Benefit Programs Company Sponsored Wellness Programs Retirement Savings with Company Match Team Member and Family Assistance Program (EAP) Paid Time Off and Paid Holidays Employee Recognition Program with Rewards (RAVE) Application Deadline: 04/30/2026 EEO Commitment: At Ardent Mills, everyone matters and everyone has a voice. We are committed to providing an environment of mutual respect where equal opportunities are available to all applicants and team members and the decisions will be based on merit, competence, performance, and business needs. We are proud to be an equal opportunity employer. We do not discriminate on the basis of race, color, religion, creed, national origin, ancestry, marital status, sex, sexual orientation, gender identity or expression, physical or mental disability, pregnancy, genetic information, veteran status, age, political affiliation, or any other non-merit characteristic protected by law or not. Recruitment Fraud Disclaimer: At Ardent Mills, the security of our employees and candidates is a priority. We will never request sensitive information such as your bank account information, social security number, or other non-publicly available information during the application and interview process. If someone asks you for sensitive information, we strongly advise that you assume that individual is not affiliated with Ardent Mills. Some things to watch out for: Slightly altered or unprofessional email addresses. Ardent Mills' Recruitment team only corresponds from email addresses with the domain first.last.talent@ardentmills.com or first.last@ardentmills.com. Vague job requirements or job descriptions. Our open job opportunities and descriptions can be found at ardentmillscareers.com. Apply Now Connect With Us J-18808-Ljbffr