Senior Security Engineer - Cloud Security

ABOUT THE ROLE We are looking for a Senior Security Engineer with deep cloud security expertise to own complex security workstreams across our multi-cloud environment and drive our vulnerability management program to the next level of maturity. This is a senior individual contributor role for a security engineer who independently leads complex technical initiatives, influences security decisions across engineering teams, and serves as a trusted cloud security subject matter expert. The role combines deep technical execution with cross-functional influence, while partnering with Security leadership and the Principal Security Architect on broader security strategy and architecture direction. You will operate across cloud security posture management, infrastructure hardening, vulnerability program leadership, and secure DevOps practices, with the seniority to make independent technical judgments, lead cross-functional security initiatives, and mentor colleagues. This role partners closely with the Principal Security Architect to operationalize cloud security standards, implement security controls, and execute security initiatives across Nasuni's cloud environments.  You are equally comfortable diving deep into cloud configurations, reviewing security architecture, and advising engineering teams on security trade-offs. Success In This Role Looks Like Improved cloud security posture across key cloud platforms Increased vulnerability remediation effectiveness and SLA attainment Expanded visibility and coverage of cloud security controls Reduced recurring security findings through automation and systemic improvements Increased adoption of secure-by-default cloud engineering practices WHAT YOU WILL DO Cloud Security Engineering and Posture Management Lead initiatives that continuously improve Nasuni's cloud security posture across AWS, Azure, and GCP, including workload security, IAM hardening, network segmentation, encryption, and least-privilege enforcement. Lead cloud security assessments and configuration reviews, identifying and remediating misconfigurations and security gaps using Wiz and cloud-native tools. Drive zero-trust initiatives and cloud-native security controls across our multi-cloud infrastructure. Partner closely with the security leadership to translate architectural standards into enforceable, operational controls, and provide ground-level feedback to shape those standards. Evaluate and implement security controls for container and Kubernetes workloads, CI/CD pipelines, and Infrastructure as Code. Contribute to cloud security architecture and design reviews by providing implementation guidance, operational security expertise, and risk assessments for new technologies and infrastructure changes. Vulnerability Management Program Ownership Lead execution and continuous improvement initiatives within Nasuni's vulnerability management program, partnering with Security leadership to influence strategy, tooling direction, prioritization frameworks, and program maturity across AWS, Azure, and GCP. Assess and enforce vulnerability SLAs and risk-based prioritization frameworks aligned to business risk appetite. Analyze vulnerability data across environments, synthesize trends, and produce executive-ready reporting on exposure, remediation velocity, and risk posture. Drive systemic remediation through collaboration with DevOps, SRE, IT/infrastructure, and engineering teams, moving beyond ticket-by-ticket fixes toward structural improvements. Continuously tune and optimize scanning coverage, detection fidelity, and platform configuration across all vulnerability management tooling. Identify program gaps, define improvement roadmaps, and present recommendations to security leadership. DevSecOps and Infrastructure Hardening Partner with DevOps and SRE teams to embed security controls into CI/CD pipelines, IaC templates, and cloud provisioning workflows. Drive adoption of security-as-code practices including policy-as-code, automated misconfiguration detection, and runtime security controls. Define and enforce secure configuration baselines across cloud workloads, operating systems, and network infrastructure. Assess and harden container and Kubernetes environments; support secrets management and workload identity practices. Incident Response Support the SecOps team by contributing to complex and high-severity incident responses within your domain. Advise the SecOps team on the development and improvement of incident response playbooks and runbooks for cloud and infrastructure-related security events. Conduct threat hunting in cloud environments and contribute to detection engineering efforts in collaboration with the SecOps team. Participate in post-incident reviews and systemic improvements that reduce recurrence of cloud security events or incidents. Compliance and Governance Partner with GRC to ensure the vulnerability management and cloud security controls align with compliance requirements. Own technical evidence preparation and control documentation within your workstreams for audit and compliance activities. Advise engineering and business teams on security considerations for new technologies, integrations, and infrastructure decisions. Mentorship and Team Contribution Mentor colleagues and peers, guiding technical decisions, sharing expertise, and improving the team's overall cloud security capabilities. Lead security tooling evaluations and contribute to decisions on platform investments and program improvements. Design, improve, and scale repeatable AI-assisted security workflows that enhance vulnerability analysis, cloud security assessments, remediation prioritization, and operational efficiency while maintaining strong validation, security, and risk-management practices. WHAT YOU WILL BRING Experience 6–9 years of experience in security engineering, cloud security, or a closely related discipline. Demonstrated ownership of complex cloud security workstreams in a