Application & Cloud Security Engineer
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Build and maintain security automation in CI/CD pipelines.Run code scanning, dependency checks, and container image scanning.Manage secret storage, rotation, and detection.Application & API Security:Review code and help teams follow secure coding practices.Protect APIs with authentication, rate limits, and validation.Support developers in fixing identified vulnerabilities.Manage IAM roles, access control, and least-privilege policies.Configure Cloudflare WAF and cloud firewall rules.Monitor cloud configurations and enforce security best practices.Track vulnerabilities, alerts, and suspicious activities.Support incident response and root-cause analysis.Maintain dashboards and automated alerts.Compliance & Governance:Support ISO27001, SOC2, or other compliance requirements.Keep documentation, audit logs, and security reports up to date.Work with the Security Architect on long-term improvements.Requirements:Must Have:Bachelor's degree in Computer Science, Cybersecurity, Information Security, or related technical field.3+ years in Application Security, Cloud Security, or DevSecOps.Experience with AWS/Azure/GCP security tools.Hands-on with CI/CD pipelines and security scanners (SAST/DAST/SCA).Solid understanding of IAM, WAF, encryption, and secret management.Knowledge of OWASP Top 10 and API Security Top 10.Experience working with logging, SIEM, and monitoring tools.Nice to Have:Kubernetes security experience (OPA, Falco, image signing).Experience with Cloudflare security tools.Penetration testing or red-team experience.Understanding of ISO 27001, SOC2, UL 3300, or GDPR.Security certifications (e.g., CEH, GCSA, CISSP, AZ-500).J-18808-Ljbffr