Spotterful

Main Responsibilities and Required Skills for Cloud Security Engineer

developer working on laptop

A Cloud Security Engineer is a professional who analyzes, plans, designs, and implements security solutions for cloud-native solutions. They research and investigate cyber threats and security incidents in the cloud environment and provide cloud security guidance. In this blog post we describe the primary responsibilities and the most in-demand hard and soft skills for Cloud Security Engineers.

Get market insights and compare skills for other jobs here.

Main Responsibilities of Cloud Security Engineer

The following list describes the typical responsibilities of a Cloud Security Engineer:

Analyze

  • Analyze and define security requirements for moderate to complex IT issues.

  • Analyze and respond to relevant security alerts from multiple sources.

  • Analyze, plan, design, and implement security solutions for information security assurance.

Assess

Assess all cloud patterns to ensure adherence to best security practices and controls.

Assist in

  • Assist customers in implementing custom integrations and workflows into their SOC.

  • Assist in designing, planning, and implementing security tools, controls, policies, and processes.

  • Assist in investigation and remediation of security incidents and issues.

  • Assist in securing O365, Azure, AWS, GCP, and other cloud platforms / services.

  • Assist in the selection of toolsets to support the environment such as JMeter, Gitlab, Jenkins, etc..

  • Assist with defining cloud security standards.

  • Assist with development of policies, standards and procedures in the cloud.

Audit

Audit system resources and take action as necessary.

Automate

Automate security controls, data and processes to provide better metrics and operational support.

Build

  • Build and deliver policies as code, automating security controls and best practices.

  • Build and lead a team of Customer Success Engineers.

Communicate

  • Communicate analysis using a clear approach.

  • Communicate statuses and escalations to technology leadership.

Conduct

  • Conduct POC and evaluation engagements for different native and third party security tooling.

  • Conduct research into current security threats and makes recommendations to counter.

Configure

  • Configure endpoint managers / consoles.

  • Configure vulnerability and compliance scans using industry standard security scanning tools.

Consult

  • Consult with our infrastructure and development teams on securely growing our cloud environments.

  • Consult with team members and management as needed.

Coordinate

  • Coordinate and deploy various security tools on all Salesforce endpoints.

  • Coordinate with DevOps teams to advocate secure coding practices.

Create

  • Create and maintain comprehensive documentation.

  • Create and maintain technical and security documentation about systems, networks, and processes.

  • Create and manage AWS IAM policies, roles, identity federation, etc..

  • Create effective remediation plans and controls for identified IT or Security gaps.

  • Create Engineering documentation and procedures to implement tools into the environment.

  • Create processes and guidelines that will be used across the company.

Define

Define and embed technical security principles and standards through code.

Deliver

Deliver an exceptional customer experience every day.

Deploy

Deploy cloud security controls based on industry recognized good practice.

Design

  • Design and build the security components of the next phase of product infrastructure.

  • Design and deliver a security solution that caters to a massively distributed cloud architecture.

  • Design and develop new tools / technologies as related to Cloud Security.

  • Design and implement both preventative and detective security controls in the cloud environment.

  • Design and implement network segmentation in hybrid environments.

Develop

  • Develop and deliver end-user security documentation, user guides, training and awareness material.

  • Develop and deploy Container Security Automation, Cloud Security Automation.

  • Develop and evaluate security controls on cloud-native solutions.

  • Develop and maintain complex and ad hoc reports and dashboards for security and risk management data.

  • Develop and maintain Security patterns for Cloud Platforms and Services.

  • Develop and maintains knowledge of the our Company's implementation of these technologies.

  • Develop architecture for the cloud environments in the MCBOSS AWS SCCA.

  • Develop best practices for IT and Cloud security.

  • Develop & maintain KRIs and KPIs for Cybersecurity program.

  • Develop metrics and provide regular reports to senior management.

  • Develop, review, and update a library of technical documentation.

  • Develop security strategy plans and roadmaps based on sound enterprise architecture practices.

  • Develop standards, policies and procedures as well as best practices documentation.

  • Develop strong relationships with our sales team, customers, and partners.

  • Develop vulnerability management processes and manage the process remediate the vulnerabilities.

Direct

Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls.

Document

Document security processes, procedures, policies, and standards.

Draft

Draft security procedures and standards to be reviewed and approved by executive management.

Drive

Drive compliance with the approved security baseline, including policies, procedures, and standards.

Enhance

Enhance cloud security monitoring.

Ensure

  • Ensure compliance with all requirements applied to cloud services and technology.

  • Ensure optimum efficiencies for the utilization of cloud services.

  • Ensure that consistent and standard onboarding training programs are used and delivered effectively.

  • Ensure that disaster recovery procedures comply with security requirements and procedures.

  • Ensure that the SecDevOps environment is in compliance with all DoD security requirements.

Establish

  • Establish a process to escalate when vulnerabilities cannot be remediated in a timely manner.

  • Establish, document, and maintain the security and regulatory posture of platforms and solutions.

  • Establish security baselines using best practices such as CIS benchmarks.

Evaluate

Evaluate vulnerability and compliance scans and collaborate with engineering to define remediations.

Evangelize

Evangelize cyber security practices across Allegion Global Engineering organization.

Execute

  • Execute on big opportunities, helping Hopper rise to the top of the travel industry.

  • Execute security architectures for cloud cloud / hybrid systems.

Follow

  • Follow standard practices and procedures in analyzing situations or data.

  • Follow written risk and compliance policies and procedures for business activities.

Generate

Generate reports and documentation to a very high standard, as needed.

Handle

Handle escalated internal or customer security issues from support or other operations team.

Help

  • Help deliver applications at scale and with resiliency to support business initiatives.

  • Help develop and refine DevOps / SecOps processes for cloud deployments.

  • Help in moving proxy servers from OnPrem to the cloud utilizing Zscaler.

Identify

  • Identify and Implement new security technologies and best practices into Unisys's Cloud offerings.

  • Identify opportunities for automation and prioritize their implementation.

  • Identify security risks and threats to the business based on a variety of sources.

Identity

Identity and Access Management (IAM).

Implement

  • Implement and automate 'security as code' using cloud services and CI / CD components as necessary.

  • Implement new security tooling to protect our cloud environments.

Improve

Improve processes and documentation related to security, compliance, and infrastructure.

Initiate

Initiate and conduct project security reviews to identify cloud infrastructure security risks.

Install

Install and maintain security architectures for cloud and hybrid systems.

Integrate

Integrate external services with proxies.

Interact

Interact with customers by phone, chat, or trouble ticket on any escalated security issues.

Lead

  • Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls.

  • Lead and manage security projects.

  • Lead the security team in the management and enforcement of security compliance strategies.

Maintain

  • Maintain Azure Security Center.

  • Maintain knowledge of the latest cloud security threats.

  • Maintain or reviews security systems and assesses security policies that control access to systems.

Manage

Manage the performance of the staff responsible for delivering cloud security services.

Measure

Measure your success against asset inventory data.

Meet

Meet project deliverables on time and on budget.

Monitor

  • Monitor and audit Amazon Web Services and Microsoft Azure system and service changes.

  • Monitor, maintain operational security management systems and respond to security incidents.

  • Monitor metrics related to security operations and support activities.

Operate

Operate within Agile best practices across several teams.

Oversees

Oversees and coordinates risk reporting and communications between Deloitte leaders and clients.

Participate

  • Participate in application and infrastructure projects to provide security-planning advice.

  • Participate in logistics BMA and Logistics Data Services IPTs as a Cloud and Engineering expert.

  • Participate in on-call rotation and travel as needed.

  • Participate in on-call rotations for infrastructure support.

Perform

  • Perform comprehensive risk assessment of new or existing cloud service that business needs to use.

  • Perform data analysis and develop reports.

  • Perform investigative research, analysis and troubleshooting on complex security issues.

Prepare

Prepare and document standard operating procedures and protocols.

Provide

  • Provide 24 / 7 on-call support for security incidents related to network systems and infrastructure.

  • Provide audit and continuous monitoring artifacts to compliance as required.

  • Provide cloud security guidance and support to project teams where necessary.

  • Provide expertise in security control configuration to business as needed.

  • Provide guidance on security solutions and best practices to internal teams.

  • Provide Info security architecture & systems engineering consulting to other IT and business teams.

  • Provide laboratory-based technical support to the developers / programmers.

  • Provide leadership and helps mentor other team members.

  • Provide management report on security posture of the cloud services being used at LendingTree.

  • Provide off-hours support when necessary and respond to emergencies in a timely manner.

  • Provide security expertise and guidance on our cloud infrastructure.

  • Provide security input and appraisal for solutions delivered to our Architecture Review Board.

  • Provide support in planning and coordination within the security operations program.

Report

Report common and repeat problems to management and propose process and technical improvements.

Represent

  • Represent Information Security in disaster recovery procedures and exercises.

  • Represent the Security Program in development and implementation of cloud environment.

Research

  • Research and investigate cyber threats and security incidents in the cloud environment.

  • Research security enhancements and make recommendations to management.

Review

  • Review network segmentation to ensure least privilege for network access.

  • Review Syslog data daily and provide regular reports to management on incidents and responses.

Secure

Secure code development and review.

Set

Set team and individual goals in-line with overall organizational goals.

Simulate

Simulate attacks on networks, firewalls, operating systems, and web applications.

Spot

Spot and execute new security technologies and best practices into the company's Cloud offerings.

Stay abreast of

  • Stay abreast of emerging security threats, vulnerabilities and controls.

  • Stay current with evolving technologies via formal training and self-directed education.

  • Stay up to date on information technology & security news, trends and standards.

Support

  • Support the definition and implementation of security requirements.

  • Support the Information Security and Cyber Security programs.

  • Support the monitoring and maintaining network security suite of tools.

Take

  • Take ownership of the development of the SaaS Lifecycle Management Framework.

  • Take part in any security-oriented projects or critical initiatives.

Track

  • Track and report status of remediation items assigned to technology owners to ensure completion.

  • Track the remediation / mitigation of known vulnerabilities, and drive them to resolution.

Transfer

Transfer completed solutions to operational support teams.

Troubleshoot

Troubleshoot issues in development and test systems.

Understand

  • Understand AWS Resource-Based Policies and their usage.

  • Understand micro-service principles and immutable architecture.

Use

  • Use Infrastructure as Code to maintain a modern infrastructure.

  • Use tooling and metrics to teach engineering teams of findings and methods to remediate.

Work

  • Work to implement and improve next-generation security controls like OPA / policy-as-code.

  • Work with auditors, where necessary, to ensure Hopper meets its compliance needs.

  • Work with a variety of technical and non-technical people across multiple teams.

  • Work with cross-functional teams using DevOps principles to implement security controls.

  • Work with developers and other teams to implement and integrate Cloud Security solutions.

  • Work with engineers to solve complex issues.

  • Work with governance teams to establish processes and best practices for AWS IAM.

  • Work within a security team to deliver an internal vulnerability and risk management program.

  • Work with the cloud and security teams to design, build and deliver security services.

Write

Write code / scripts / automation required to meet team objectives.

Most In-demand Hard Skills

The following list describes the most required technical skills of a Cloud Security Engineer:

  1. Amazon Web Services

  2. Python

  3. Azure

  4. Terraform

  5. Cissp

  6. Security

  7. Cloud Environments

  8. Cloudformation

  9. Kubernetes

  10. GCP

  11. Ccsp

  12. Jenkins

  13. Networking

  14. Ansible

  15. Automation

  16. Cloud Security

  17. Bash

  18. Linux

  19. Information Security

  20. Containers

  21. Firewalls

  22. IAM

  23. Powershell

  24. Scripting

  25. Docker

Most In-demand Soft Skills

The following list describes the most required soft skills of a Cloud Security Engineer:

  1. Written and oral communication skills

  2. Interpersonal skills

  3. Problem-solving attitude

  4. Analytical ability

  5. Communicate complex technical topics in straightforward terms

  6. Leadership

  7. Present ideas and information in compelling ways

  8. Self-motivated

  9. Skilled speaker

Stay on top of the sports job market!

Subscribe to our newsletter