Principal Software Engineer

Requisition Number: 105411 

Cloud Security Consultant – Azure & AWS

Job Summary

We are seeking an experienced Cloud Security Consultant to design, implement, and maintain robust security frameworks across Azure and AWS cloud environments. This role focuses on ensuring compliance with industry standards, establishing governance policies, and protecting cloud infrastructure from evolving security threats. The ideal candidate will have deep expertise in cloud security architecture, regulatory compliance, and best practices across multiple cloud platforms.

Key Responsibilities

Security Architecture & Design

• Design and implement cloud security architectures for Azure and AWS environments
• Develop security baselines and hardening standards aligned with CIS benchmarks
• Create threat models and conduct security assessments for cloud deployments
• Recommend and implement identity and access management (IAM) solutions
• Design encryption strategies for data at rest and in transit

Compliance & Governance

• Develop and maintain cloud governance policies and standards
• Ensure compliance with regulatory frameworks (SOC 2, ISO 27001, HIPAA, PCI-DSS, FedRAMP, etc.)
• Conduct compliance audits and gap assessments
• Create and maintain compliance documentation and audit trails
• Implement automated compliance monitoring and reporting
• Manage cloud security posture management (CSPM) tools

Cloud Platform Security

• Configure and optimize Azure security services (Azure Security Center, Azure Sentinel, Azure Policy, Key Vault, etc.)
• Configure and optimize AWS security services (AWS Config, GuardDuty, Security Hub, IAM, KMS, etc.)
• Implement network security controls (VPCs, security groups, NACLs, firewalls)
• Manage cloud access controls and privilege escalation prevention
• Monitor and respond to security alerts and incidents

Risk Management & Governance

• Conduct cloud security risk assessments and vulnerability management
• Develop incident response procedures for cloud environments
• Create security awareness and training programs
• Establish metrics and KPIs for cloud security posture
• Maintain cloud security roadmaps and strategic initiatives

Collaboration & Enablement

• Partner with cloud architects, DevOps, and development teams to integrate security early
• Provide security guidance and best practices to engineering teams
• Conduct security reviews and code assessments
• Mentor junior security team members
• Present findings and recommendations to leadership and stakeholders

Required Qualifications

Experience

• 5+ years of cloud security experience (Azure and/or AWS)
• 3+ years of experience with cloud compliance and governance frameworks
• Demonstrated experience implementing security solutions in production cloud environments
• Experience with infrastructure-as-code (IaC) security and DevSecOps practices

Technical Skills

• Expert-level knowledge of Azure security services and architecture
• Expert-level knowledge of AWS security services and architecture
• Strong understanding of cloud networking, identity management, and encryption
• Proficiency with security tools: SIEM, CSPM, vulnerability scanning, configuration management
• Experience with scripting/automation (PowerShell, Python, Terraform, CloudFormation)
•  
• Knowledge of containerization and Kubernetes security (Docker, EKS, AKS)

Compliance & Standards

• Deep knowledge of compliance frameworks: SOC 2, ISO 27001, HIPAA, PCI-DSS, CIS Controls
• Experience with regulatory audits and compliance assessments
• Understanding of cloud-specific compliance challenges and solutions

Certifications (Preferred)

• AWS Certified Security – Specialty
• Microsoft Azure Security Engineer Associate (AZ-500)
• Certified Cloud Security Professional (CCSK)
• CISSP or similar security certification
• Additional certifications in compliance (CCPA, HIPAA, FedRAMP) are a plus

Preferred Qualifications

• Experience with multi-cloud environments
• Background in DevSecOps or secure software development
• Experience with threat intelligence and advanced threat detection
• Knowledge of cloud-native security and serverless security
• Experience with security orchestration and automation (SOAR)
• Background in incident response and forensics

Core Competencies

• Cloud security architecture and design thinking
• Regulatory compliance and audit experience
• Risk assessment and management
• Technical problem-solving and troubleshooting
• Communication and stakeholder management
• Project management and strategic planning
• Attention to detail and documentation
• Continuous learning mindset

Education

• Bachelor’s degree in Computer Science, Information Security, or related field
• OR equivalent professional experience in cloud security roles

Physical Requirements

• Ability to work in a collaborative office or remote environment
• Ability to participate in on-call security incident response (as needed)

The position described above provides a summary of some the job duties required and what it would be like to work at Insight. For a comprehensive list of physical demands and work environment for this position, click here.

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

Posting Notes: Chandler || Arizona (US-AZ) || United States (US) || Sales/Business Development || None || Remote ||