Cloud Security Engineer at Moniepoint Inc.

About The Role

• You will engineer secure, automated, and scalable cloud environments across GCP, AWS and Azure. You will embed security into Terraform-based provisioning workflows, enforce hardened baselines through golden images and guardrails, and drive technical enforcement of best practices across infrastructure layers, from identity to workloads

Responsibilities

• Design and implement security controls across cloud environments such as GCP, AWS, and Azure.
• Develop and maintain IaC modules and Ansible playbooks for secure infrastructure automation.
• Leverage CSPM and CNAPP platforms to manage cloud security posture, identity risks, and vulnerability remediation.
• Configure and optimize CASB, ZTNA, SaaS visibility, and data protection controls.
• Build automated guardrails, policy enforcement, and detection logic using cloud-native tools.
• Improve and maintain IAM governance, least privilege access, and identity lifecycle workflows.
• Enhance network security, workload protection, logging, monitoring, and encryption/KMS configurations.
• Deploy and manage Kubernetes security initiatives across clusters and workloads.
• Contribute to cloud incident response, threat investigations, and detection engineering efforts.
• Drive continuous improvement of cloud security tooling, automation, and operational processes.
• Ensure cloud environments align with CIS, NIST, and internal governance requirements.
• Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies.
• Working with analysts, engineers, and data scientists across the organization to continually improve cyber resilience.
• Take part in post-incident reviews and propose engineering resolutions to improve results in any future recurrence.

Requirements

• 3+ years of experience in DevSecOps, or Cloud Security roles.
• Bachelor’s degree in Computer Science, Information Security, or related fields
• Hands-on experience securing cloud environments (GCP, AWS, Azure), including implementing IAM, network, workload, logging, monitoring, and encryption controls.
• Hands-on experience with Terraform and Ansible for provisioning and automating secure infrastructure.
• Familiarity with cloud security tools such as Wiz (for CSPM, CNAPP, and identity/security posture management) and Netskope (for CASB, ZTNA, and SaaS/cloud access security).
• Proficient in container security and Kubernetes (RBAC, secrets management, cluster hardening) and hardened Linux baselines.
• Working knowledge of image-building tools (e.g., Packer, AWS Image Builder) and cloud-native security tooling.
• Comfortable working in GitOps environments and integrating security into GitLab CI/CD pipelines.
• Ability to implement automated security guardrails, detection logic, and CI/CD security integrations.
• Understanding of cloud security standards and frameworks such as CIS, NIST, or ISO 27001.
• Strong collaboration, communication, and problem-solving skills; able to guide teams on secure practices.

Nice-to-have: Python or Go scripting for automation

Certifications

Relevant cloud certifications include:

• CCSP – Certified Cloud Security Professional
• CCSK – Certificate of Cloud Security Knowledge
• AWS Certified Security – Specialty
• Google Professional Cloud Security Engineer
• Azure Security Engineer Associate (AZ-500)