Cloud Security Engineer

We are looking for a Cloud Security Engineer to lead and implement secure cloud architecture and practices in AWS environments. This role demands expertise in cloud-native security, vulnerability management, compliance frameworks, and integration of security controls across CI/CD pipelines. The ideal candidate will collaborate with cross-functional teams and be responsible for cloud posture management, threat detection, incident response, and regulatory compliance.

Location: Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
Work Conditions: On-site, Full-time

Qualifications & Requirements:

• Bachelor's degree in Computer Science, Engineering, or related STEM field.
• 7+ years of hands-on experience in cloud and cybersecurity roles.
• Advanced proficiency in AWS-native tools, with exposure to Azure or GCP security.
• Certifications preferred: AWS Security – Specialty, CCSP (Certified Cloud Security Professional), GIAC Cloud Security Automation or equivalent.
• Strong familiarity with compliance and regulatory frameworks (ISO 27001, GDPR, NIST SP 800-53, PCI-DSS).
• Experience with incident response, forensic analysis, and cloud governance tools.

Responsibilities:

• Design, implement, and manage secure AWS cloud environments, including use of AWS Control Tower or Landing Zone Accelerator.
• Develop and enforce security policies and guardrails using SCPs, AWS Config, and IAM best practices.
• Configure and maintain cloud perimeter firewalls and AWS WAF to protect public-facing assets.
• Evaluate and integrate security tools for CSPM, CNAPP, CWP, and ASPM (e.g., Wiz, Prisma Cloud, AquaSec).
• Manage cloud-native services and security monitoring tools like AWS GuardDuty, Security Hub, Macie, Inspector, and Trusted Advisor.
• Define and implement SIEM/SOAR integrations and workflows for alert triage and remediation in coordination with DevSecOps.
• Conduct root cause analysis for security incidents and collaborate with engineering for resolution.
• Support and guide multi-cloud security initiatives across AWS, Azure, and GCP.
• Build and manage compliance reporting aligned to standards such as GDPR, PCI-DSS, SOC 2, and ISO 27001.
• Define and track security KPIs/KRIs, and generate dashboards and visibility reports.
• Design and maintain security architecture diagrams, runbooks, and operational playbooks.
• Work closely with auditors and stakeholders to ensure audit readiness and policy adherence.

Skills and Attributes:

• Deep knowledge of AWS security architecture, including VPC, Security Groups, NACLs, IAM, Transit Gateway, ALB/NLB.
• Strong understanding of cloud threat models, encryption (KMS, TLS), DLP, and secure network configuration.
• Experience in DevSecOps pipelines and CI/CD toolchain integration (Jenkins, GitHub Actions, Terraform, etc.).
• Effective communicator, able to explain technical issues to both technical and non-technical stakeholders.
• Ability to work independently and in a collaborative team environment.
• Strong analytical and problem-solving skills.