Cloud Security Engineer (m/f/d) for Timisoara/ Munich
YOUR TASKS:
Oversee and enhance security measures for our cloud-based infrastructure and microservices applications, ensuring robust protection and compliance.
Develop and implement security best practices for cloud deployments, automation, monitoring, and incident response to mitigate risks and maintain a secure environment.
Proactively monitor and address cloud security incidents, conducting root cause analysis, and driving remediation to minimize impact.
Work closely with cross-functional teams to identify vulnerabilities, develop security controls, and implement effective solutions.
Participate in security audits, assessments, and penetration tests to maintain compliance with ISO 27001, SOC 2, and other relevant standards.
Conduct risk and vulnerability assessments, identifying gaps and implementing mitigating controls.
Create and maintain comprehensive security policies and procedures for cloud-native applications, including container, API, and microservices security.
Leverage Infrastructure as Code (Ia C) tools (e.g., Terraform, ARM templates) to automate security controls, compliance checks, and integrate with Azure Dev Ops pipelines.
Keep up-to-date with the latest security trends, threats, tools, and best practices, particularly in cloud-native and container security domains.
YOUR CAPABILITIES: Required Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
At least 3 years of experience securing cloud infrastructure, with a strong focus on microservices environments.
Solid understanding of standards like ISO 27001, SOC 2, NIST, CIS, GDPR, and best practices for cloud security.
Proven experience with cloud security tools and WAF solutions, such as Azure Cloud Defender, Cloudflare, or Akamai.
Skilled in monitoring, incident response, and threat detection within cloud environments.
Strong grasp of network security, including firewalls, IDS/IPS, VPNs, and cloud-native security services.
Strong analytical and problem-solving skills, with the ability to work independently or as part of a collaborative team.
Excellent communication skills to engage with both technical and non-technical stakeholders.
Preferred Qualifications:
Background in securing Saa S platforms, with knowledge of cloud-native architectures and microservices patterns.
Experience integrating security into CI/CD pipelines using Azure Dev Ops and familiarity with Dev Sec Ops practices.
Expertise in securing containerized environments, with a strong understanding of runtime security, container isolation, vulnerability scanning, and best practices for hardening containers.
Expertise in Infrastructure as Code (Ia C) tools (e.g., Terraform, ARM templates) and automation scripting (Python, Bash, Power Shell).
Understanding of Zero Trust security principles and their application in cloud environments.
Experience with security logging, monitoring, and incident management tools.