Job Description

Job Title: Cloud Security Engineer PAM, IAM, & CI/CD Specialist

Location: Remote

Job Type: Full-time

Job Description:
We are seeking a skilled Cloud Security Engineer with expertise in Privileged Access Management (PAM), Identity and Access Management (IAM), and automation through CI/CD pipelines. The successful candidate will be responsible for leading PAM enablement, IAM solutions, and managing security processes for cloud infrastructure. This role requires hands-on experience with secret management and integration with HashiCorp Vault to protect sensitive data, as well as collaborating on policy reconciliation across clusters to address potential security risks.

As the Cloud Security Engineer, you will lead PAM enablement efforts across various environments, while also working closely with engineering teams to manage CI/CD pipeline security. You will play a key role in securing cloud infrastructure, remediating security issues, and implementing robust solutions for secret management. This includes overseeing a Proof of Concept (POC) for HashiCorp Vault and supporting the deployment of Prisma EDR (Endpoint Detection and Response) for production environments.

Key Responsibilities:

• Lead PAM enablement efforts across multiple environments, overseeing planning and execution for both production and non-production clusters.
• Drive IAM modeling and implementation, utilizing tools like One Identity and SKIM for managing roles and group setups.
• Manage CI/CD policy reconciliation in Jenkins, ensuring secure and efficient deployment processes.
• Conduct secret management using Google Secret Manager (GSM), rotating sensitive files and addressing security issues in collaboration with internal teams.
• Oversee the implementation of a HashiCorp Vault POC, ensuring secrets are secured across the infrastructure.
• Enable Prisma EDR for production environments to align with corporate security and compliance standards.
• Identify and mitigate risks associated with PAM/IAM enablement, including addressing secret rotation challenges and managing IAM binding limitations.
• Lead secret remediation efforts by cleaning up sensitive files across various branches.

Skills and Experience:

• 5+ years of experience in cloud security, PAM/IAM enablement, and secret management.
• Proficiency with CI/CD tools like Jenkins, including security integration within pipelines.
• Strong hands-on experience with HashiCorp Vault for secret management and cloud security.
• Expertise in Google Cloud Platform (GCP) security tools, such as Google Secret Manager (GSM).
• Strong troubleshooting skills in IAM risk management and secret management.
• Familiarity with endpoint detection solutions like Prisma EDR and their production deployment.

Preferred Certifications:

• HashiCorp Certified: Vault Associate or relevant certifications.
• CISSP, CISM, or other cloud security certifications.

Job Tags

Similar Jobs