Cloud Security Engineer VHanger, Inc. • New York, New York, United States
Cette offre d'emploi n'est plus disponible
Cloud Security Engineer V
Hanger, Inc.
- New York, New York, United States
- New York, New York, United States
À propos
Could This Be For You? The Cloud Security Engineer V is responsible for working cross‑functionally with Architecture, Software Development, Cloud Infrastructure, and Operations teams to design, implement, and support Hanger’s cloud environment. This role sits at the intersection of software engineering and cloud security — the successful candidate will bring deep hands‑on development skills alongside proven cloud security expertise, and will represent a critical component of Hanger’s strategy to securely migrate from on‑premise data centres to the cloud. The ideal candidate is a strong communicator who can translate complex security requirements into working, automated solutions and influence technical decisions across the organisation.
Your Impact
Cloud Security Engineering
Design, develop, and implement cloud security architecture solutions in Microsoft Azure aligned with business objectives, technical requirements, and industry frameworks (e.g., NIST CSF, CIS Benchmarks).
Build and maintain security automation using Infrastructure as Code (IaC) tools such as Terraform, Bicep, or ARM templates to ensure consistent, repeatable, and auditable deployments.
Architect and implement cloud‑native security controls including network segmentation, micro‑segmentation, encryption at rest and in transit, and secrets management.
Cloud Migration & Infrastructure Security
Partner with IT Infrastructure and Enterprise Architecture teams on the migration strategy for moving on‑premise data centres to Microsoft Azure, ensuring environments are secure, compliant, and resilient from day one.
Evaluate and remediate security risks across hybrid and cloud‑native architectures throughout the migration lifecycle.
Implement and manage Cloud Security Posture Management (CSPM) and Cloud‑Native Application Protection Platform (CNAPP) tooling to maintain continuous visibility and compliance.
DevSecOps & Secure Software Development
Collaborate with development and platform engineering teams to embed security into CI/CD pipelines, including static/dynamic code analysis (SAST/DAST), container image scanning, dependency vulnerability scanning, and automated policy enforcement.
Write production‑quality code and automation scripts (Python, PowerShell, Bash, or Go) to build security tooling, automate remediation workflows, and integrate security controls across cloud services.
Champion secure software development practices across engineering teams, including threat modelling, secure code review, and security architecture assessments.
Support the adoption of policy‑as‑code and detection‑as‑code practices to enforce security standards programmatically.
Identity & Access Management (IAM)
Lead the design, development, and implementation of a cloud‑based IAM strategy, including Zero Trust principles, least‑privilege enforcement, conditional access, and identity governance.
Manage and optimise identity platforms (e.g., Microsoft Entra ID), role‑based access control (RBAC), privileged access management (PAM), and authentication protocols (OAuth 2.0, SAML, OIDC).
Security Operations & Continuous Improvement
Implement and tune cloud‑native monitoring, logging, and alerting using tools such as Microsoft Sentinel or equivalent SIEM/SOAR platforms.
Develop and enforce cloud security policies, standards, and procedures, and maintain audit readiness for applicable compliance frameworks.
Stay current with emerging technologies, threat vectors, and industry trends — including AI‑driven threat detection, container and serverless security, and evolving regulatory requirements.
Act as a subject‑matter expert, providing technical guidance and mentorship to other engineers and cross‑functional team members.
Minimum Qualifications
8+ years of progressive experience in IT, cybersecurity, or cloud engineering, with at least 10 years of hands‑on experience in Microsoft Azure security architecture and operations.
Demonstrated experience in software development or platform engineering, with working proficiency in at least two of the following: Python, PowerShell, Go, Bash, or TypeScript.
Proven track record of designing and implementing IaC‑driven cloud environments using tools such as Terraform, Bicep, or ARM templates.
Hands‑on experience integrating security tooling into CI/CD pipelines (e.g., GitHub Actions, Azure DevOps, GitLab CI) and working within DevSecOps workflows.
Proven success leading or significantly contributing to data centre‑to‑cloud migration initiatives.
Success with AI/ML workload security or securing generative AI deployments.
Bachelor’s degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field (or equivalent professional experience).
Certifications
At least one active cloud security certification is required: CCSP, CISSP, Microsoft Certified: Cybersecurity Architect Expert (SC‑100), AZ‑500 (Azure Security Engineer Associate), or equivalent.
Additional certifications in cloud engineering, DevSecOps, or AI security are a strong plus (e.g., AZ‑305, Terraform Associate, Certified Kubernetes Security Specialist).
Must have, or be eligible to obtain, a valid driver’s licence and driving record within the standards outlined within Hanger’s Motor Vehicle Safety Policy and Procedures.
Additional Success Factors
Technical Knowledge
Deep expertise in cloud IAM, including Zero Trust architecture, identity governance, conditional access, privileged access management, and modern authentication protocols.
Strong knowledge of cloud‑native security services and tooling: CSPM, CNAPP, SIEM/SOAR, endpoint protection, and threat intelligence platforms.
Strong understanding of container and orchestration security (Docker, Kubernetes), including image scanning, runtime protection, and workload isolation.
Familiarity with security frameworks and standards (NIST CSF, CIS Controls, ISO 27001, SOC 2) and their application in cloud environments.
Working knowledge of AI‑driven security tools and an understanding of how machine learning is applied to threat detection, behavioural analytics, and automated incident response.
Expertise in data protection strategies including encryption, key management, data classification, and data loss prevention in cloud environments.
Soft Skills
Excellent analytical and problem‑solving skills, with the ability to evaluate complex systems and design pragmatic security solutions.
Flexible and collaborative with a proven ability to build consensus among cross‑functional teams and influence technical decision‑making.
Strong written and verbal communication skills, with the ability to present complex security topics to both technical and non‑technical audiences.
Demonstrated ability to mentor engineers and elevate security awareness across an organisation.
Act with integrity in all ways and at all times, remaining honest, transparent, and respectful in all relationships.
Keep the patient at the centre of everything that you do, building lifelong trust.
Foster open collaboration and constructive dialogue with everyone around you.
Continuously innovate new solutions, influencing and responding to change.
Focus on superior outcomes, and calibrate work processes for outstanding results.
Pay range: $153,986 to $192,482 annual salary + annual bonus: up to 15% of base pay depending on bonus criteria. This pay range is posted to comply with wage transparency laws. Hanger salary ranges vary based on skill, ability, knowledge, geographic location and other variables.
Our Investment in You
Competitive Compensation Packages
8 Paid National Holidays & 4 additional Floating Holidays
PTO that includes Vacation and Sick time
Medical, Dental, and Vision Benefits
401k Savings and Retirement Plan
Paid Parental Bonding Leave for New Parents
Flexible Work Schedules and Part‑time Opportunities
Generous Employee Referral Bonus Programme
Mentorship Programs – Mentor and Mentee
Student Loan Repayment Assistance by Location
Relocation Assistance
Regional & National travelling CPO/CO/CP opportunities
Volunteering for Local and National events such as Hanger’s BAKA Bootcamp and EmpowerFest
Hanger, Inc. is committed to providing equal employment opportunity in all aspects of the employer‑employee relationship. All conditions and privileges of employment are administered to all employees without discrimination or harassment because of race, religious creed, colour, age, sex, sexual orientation, gender identity, national origin, religion, marital status, medical condition, physical or mental disability, military service, pregnancy, childbirth and related medical conditions, special disabled veteran status, or any other classification protected by federal, state, and local laws and ordinances. The company will comply with all applicable state or local fair employment laws that forbid discrimination or harassment on the basis of other protected characteristics. Retaliation against any employee for filing or supporting a complaint of discrimination or harassment is prohibited.
#J-18808-Ljbffr
Compétences linguistiques
- English
Avis aux utilisateurs
Cette offre a été publiée par l’un de nos partenaires. Vous pouvez consulter l’offre originale ici.