Role: Security Consultant
Location: Remote
FTE
Must Have Technical/Functional Skills
We are seeking an experienced Cloud Security Engineer to design, implement, and manage multi-cloud network security controls across Azure and GCP. The role focuses on Infrastructure-as-Code (IaC) delivery through Terraform, integrated into Azure DevOps Pipelines, GitHub Actions, and Argo CD GitOps workflows.
The ideal candidate is a subject matter expert (SME) who can build secure, automated solutions from scratch using Terraform, while documenting and transferring knowledge to internal teams. The role requires someone comfortable balancing planned project execution under agile methodologies with rapid incident triage (P0–P3) in a dynamic, fast-paced environment.
Roles & Responsibilities
Design, implement, and manage cloud-native network security controls in Azure and GCP, including:
• Azure NSGs (Network Security Groups)
• GCP VPC Service Controls (VPC-SC)
• GCP Cloud Armor (DDoS/WAF protection)
• GCP Cloud Next-Gen Firewall (NGFW Enterprise) with IPS/IDS
• Develop, maintain, and scale Terraform-based Infrastructure-as-Code modules for cloud infrastructure and security policies.
• Build, enhance, and manage CI/CD automation using Azure DevOps Pipelines and GitHub Actions.
• Support Kubernetes deployments and GitOps workflows using Argo CD, ensuring secure and reliable rollout of application manifests.
• Author clear documentation, runbooks, and deliver knowledge transfers/training to operational and engineering teams.
• Collaborate cross-functionally with cloud, security, and development teams to ensure secure, scalable solutions.
• Participate in agile ceremonies for planned project work and provide rapid incident response during P0–P3 security/networking events.
Required Qualifications
5+ years of hands-on experience as a Cloud Engineer / Cloud Security Engineer / DevOps Engineer.
• Strong expertise in Terraform (designing reusable modules, managing state, enterprise workflows).
• 5+ years of practical experience with Azure and GCP network security services: NSGs, VPC-SC, Cloud Armor, NGFW with IPS/IDS.
• Proficiency in CI/CD tools: Azure DevOps Pipelines and GitHub Actions.
• Familiarity with GitOps tools (Argo CD or Flux) for Kubernetes.
• Scripting proficiency (PowerShell, Bash, or Python) for automation and troubleshooting.
• Demonstrated experience documenting technical solutions, producing clear runbooks, and performing knowledge transfers to enable operational adoption.
• Strong troubleshooting and incident response skills in cloud environments.
Experience securing workloads in AKS (Azure Kubernetes Service) and GKE (Google Kubernetes Engine).
• Exposure to other CI/CD platforms (GitLab CI, Jenkins, CircleCI) and config management (Ansible).
• Relevant certifications (strongly desired):
• Cloud Security / Architecture: Microsoft Azure Security Engineer Associate, Azure Solutions Architect Expert, Google Professional Cloud Security Engineer, or Google Professional Cloud Architect
• IaC / DevOps: HashiCorp Certified: Terraform Associate, Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), or Azure DevOps Engineer Expert