CrawlJobs Logo

Cloud Security Expert

Italy, Rende Employment contract · Job Posted July 03, 2026
Apply Position
Job Link Share

Job Description

Cap4 Lab is seeking a skilled Cloud Security expert to lead the end-to-end security architecture of our PaaS platform. In this role, you will bridge the gap between high-level strategic design and hands-on cloud-native engineering. You will be responsible for building a secure, automated, and compliant environment using Infrastructure-as-Code (IaC) and modern DevSecOps practices. As part of a lean, automation-driven team reporting directly to the CISO, you will have significant ownership over our security roadmap, focusing on multi-tenant isolation, zero-trust principles, and automated compliance. We are looking for a security leader who prefers code over spreadsheets. At Cap4 Lab, you won't just be managing security, you will be building it. You will own the end-to-end architecture of our PaaS, ensuring that our multi-tenant environment is resilient, automated, and compliant by design.

Job Responsibility

  • Security Architecture & Design: Perform threat modeling (STRIDE)
  • define security baselines
  • and design robust controls for IAM, WAF, KMS, Kubernetes, and network segmentation
  • Automation & Implementation: Deploy and maintain cloud infrastructure using IaC (Terraform)
  • enforce multi-tenant isolation
  • and manage certificate lifecycles, WAF/TLS termination, and Cloud Security Gateways
  • Resilience & Operations: Automate backup/DR workflows and cross-region replication
  • monitor configuration drift
  • and integrate telemetry into SIEM/EDR systems
  • Compliance & Governance: Map technical controls to SOC 2/ISO 27001 frameworks
  • guide penetration testing efforts
  • and implement automated evidence collection for audit readiness
  • Security Enablement: Mentor engineering teams on secure design patterns, review CI/CD pipeline security, and maintain comprehensive architecture decision records (ADRs)

Requirements

  • 2+ years of experience in Security Architecture and Cloud-Native Engineering (AWS, Azure, Alibaba Cloud or GCP)
  • hands-on experience with Kubernetes (K8s), container security, multi-tenancy, and Zero Trust architecture
  • Proficiency in IaC (Terraform or CloudFormation) and Policy-as-Code within GitOps workflows
  • background in WAF, PKI/TLS, KMS, and SIEM/EDR integration
  • experience with threat modeling and frameworks like SOC 2 or ISO 27001
  • cloud-specific security certifications (e.g., AWS Certified Security Specialty) are highly preferred
  • Experience securing PaaS/SaaS platforms
  • Experience designing client-facing security/trust centers

Nice to have

  • cloud-specific security certifications (e.g., AWS Certified Security Specialty)
  • Experience securing PaaS/SaaS platforms
  • Experience designing client-facing security/trust centers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Cloud Security Expert

8 matching positions

Senior Cloud Security Engineer – Cloud Foundation

Yotpo is leading the next era of trust and loyalty in eCommerce. With AI-powered...
Location
Location
Bulgaria , Sofia
Salary
Salary:
Not provided
yotpo.com Logo
Yotpo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience as Cloud Security Engineer, DevSecOps, or similar roles within an AWS environment
  • Expertise in managing cloud security controls (IAM, Security Groups/ACLs, WAF, IDS/IPS, load balancing, proxies, VMs, serverless)
  • Experience securing Kubernetes and containerized workloads
  • Proficiency with Python/Bash scripting and automation
  • Experience with Infrastructure-as-Code (IaC), preferably Terraform, and CI/CD tooling (e.g., GitHub Actions)
  • Strong communication skills to influence and guide teams as a cloud security SME
  • Excellent problem-solving skills for high-complexity environments
  • Excellent written and verbal English
Job Responsibility
Job Responsibility
  • Serve as Cloud Security Subject Matter Expert (SME), actively supporting R&D and product teams in developing secure solutions
  • Design secure cloud architectures and implement practical, automated, and scalable controls across services in partnership with DevOps, R&D, and Product teams
  • Continuously assess cloud security posture, identifying gaps and opportunities to reduce risk and adopt best practices
  • Implement, mature, and automate end-to-end cloud security controls across AWS, Kubernetes, CI/CD pipelines, and self-managed systems
  • Lead and improve vulnerability management workflows
  • communicate vulnerabilities and mitigation strategies to stakeholders, balancing business agility and security
  • Own the full lifecycle of security initiatives from proof of concept (POC) and design to deployment and operation while promoting a security-first mindset
  • Maintain and develop the team knowledge base
  • Stay curious and enjoy working with modern security tools and technologies
What we offer
What we offer
  • Track to success – work in a dynamic organization with ambient and laid-back office atmosphere
  • Individualized career development, rewards, and recognition
  • Work-life balance – 25 days paid vacation with add-ons for loyalty, regular team buildings and celebrations in and outside the country
  • Additional health insurance package
  • Internal mobility program and refer-a-friend program
  • Managing a fixed monthly budget for social benefits thru Re:Benefit – a flexible online benefits solution
  • Food vouchers
  • E-learning portals and knowledge sharing sessions
  • Company backed Hackathons, Tech conferences, workshops events, etc
  • Stocked kitchen and bar
  • Fulltime
Read More
Arrow Right

Security Engineer, Cloud Security

We are seeking an experienced Security Engineer with expertise in cloud security...
Location
Location
United States , New York, NY; Washington, DC
Salary
Salary:
Not provided
cape.co Logo
Cape
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
  • A minimum of 5 years of experience in information security
  • At least 3 years concentrated on cloud security within AWS environments
  • Deep understanding of AWS architecture, security services, and best practices
  • Proficiency in using infrastructure as code (IaC) tools (like CDK, Terraform, or AWS CloudFormation)
  • Skilled in scripting languages (Python, TypeScript, Go)
  • Familiarity with containerization and microservices
  • Solid knowledge of network security, encryption technologies, and secure coding practices
  • Excellent analytical skills
  • Strong communication and leadership abilities
Job Responsibility
Job Responsibility
  • Design, implement, and manage robust security controls and policies within AWS
  • Perform comprehensive security assessments of our cloud environments
  • Lead the integration of security practices into the DevOps lifecycle
  • Utilize and optimize AWS security tools and explore third-party solutions
  • Assist in running and address findings from penetration tests and security audits
  • Stay informed about the latest security threats, vulnerabilities, and compliance mandates
  • Provide expert mentorship to junior security team members and engineers
  • Collaborate with stakeholders to integrate security requirements effectively into engineering projects and broader business initiatives
What we offer
What we offer
  • 401(k) match
  • 100% coverage of medical, dental, and vision premiums for you and your dependents
  • 12 weeks paid parental leave (for all parents, no waiting period)
  • Stipends for Family-forming needs
  • Stipends for Gender-affirming care
  • Unlimited PTO
  • Fulltime
Read More
Arrow Right
New

Principal, Cloud Security Architect (Director Level), Global Cyber Security

The Principal Cloud Security Architect will lead the design, engineering, and de...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
brewin.co.uk Logo
Brewin Dolphin
Expiration Date
July 08, 2026
Flip Icon
Requirements
Requirements
  • Demonstrable experience in Cyber Security, with a focus on cloud security architecture and engineering
  • Deep hands-on expertise with Microsoft Azure security (Defender for Cloud, Entra ID, Azure Policy, Network Security Groups, Private Link, Key Vault)
  • Strong knowledge and experience of cloud security frameworks and governance practices with extensive hands-on experience with Azure cloud platform
  • Strong experience securing Kubernetes at scale with AKS and/or OpenShift Container Platform—including admission controllers, OPA/Gatekeeper/Kyverno, service mesh security, and runtime protection
  • Hands-on experience with Wiz CNAPP (or equivalent CNAPP platform) in a large enterprise environment, including policy authoring, risk scoring, and integration with ticketing/remediation workflows
  • Experience securing CI/CD pipelines and infrastructure-as-code—GitHub Actions, Terraform (including Sentinel/OPA policy), container image pipelines, artifact signing, and SBOM generation
  • Demonstrated ability to operate as both a security architect and hands-on practitioner—willing to roll up sleeves and write IaC, policy-as-code, automation scripts, or pipeline configurations when needed
  • Demonstrated experience making architectural decisions based on simplicity, industry frameworks, scalability, and reusability
  • Ability to partner effectively with key stakeholders on complex programs with excellent communication, facilitation, and presentation skills.
Job Responsibility
Job Responsibility
  • Lead efforts to secure Azure cloud platform at RBC Brewin Dolphin, serving as the primary security subject matter expert for Azure-native services, identity, networking, and data protection controls
  • Lead, execute, and deliver on Cloud Security strategy and initiatives with measurable outcomes
  • Build, innovate, and mature Cloud Security Capabilities at RBC Brewin Dolphin
  • Lead the development of end-to-end technical cloud security design and architecture to ensure safe application on-boarding to meet sponsor/stakeholder needs, without impacting planned time to market timelines
  • Conduct threat modeling, security architecture assessments, and cloud service security reviews to ensure alignment with industry best practices and RBC's risk appetite
  • Architect and drive security strategy for Azure Kubernetes Service (AKS) and OpenShift Container Platform, including cluster hardening, admission control, runtime security, image assurance, network policy, secrets management, and workload identity
  • Define and implement security controls for Azure infrastructure supporting AI/ML workloads, including compute provisioning, networking, storage, identity, and platform services (Microsoft Foundry/Azure OpenAI Service, Azure Machine Learning)
  • Lead the enterprise deployment and operationalisation of Wiz CNAPP, including CSPM, CWPP, CIEM, DSPM, and container/Kubernetes security capabilities—driving policy-as-code, risk prioritisation, and remediation workflows at scale
  • Embed security into CI/CD pipelines and software supply chain (GitHub Actions, Terraform, ArgoCD, Helm) through automated scanning, policy enforcement, IaC security validation, and shift-left developer tooling
  • Lead and build preventative and detective controls/measures according to RBC Brewin Dolphin's cloud control objectives while using modern automation, config as code, and TDD principles to bring reliability
What we offer
What we offer
  • A comprehensive Total Rewards Program including bonuses, flexible benefits and competitive compensation
  • Leaders who support your development through coaching and managing opportunities
  • Opportunities to work with the best in the field
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • A world-class training program in financial services.
  • Fulltime
!
Read More
Arrow Right
New

Lead Cloud Security Architect

Location
Location
Sweden; United Kingdom; Poland , Stockholm; London; Łódź; Warsaw; Gdansk; Cracow
Salary
Salary:
Not provided
arrive.com Logo
Arrive
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of experience in technology, with at least 7 years in a dedicated cloud security or infrastructure security role
  • Demonstrated experience designing and implementing secure landing zones in a multi-cloud environment (GCP, AWS)
  • Hands-on experience with the architecture and strategy of cloud security tools (e.g.,Wiz, Orca)
  • A Bachelor’s degree in a relevant field or equivalent professional experience.
Job Responsibility
Job Responsibility
  • Champion and orchestrate the definition of Arrive’s cloud security architecture, from identity boundaries to network segmentation, in partnership with Data & Analytics teams, Engineering, and IT
  • Develop and maintain a comprehensive set of global security standards, baselines, and guidelines for cloud-native services, container security, and serverless computing
  • Create and champion the strategy for cloud security tooling including CSPM (Cloud Security Posture Management) and CWPP (Cloud Workload Protection) - ensuring these platforms are architected for seamless SecOps integration, automated alerting, and streamlined incident response workflows
  • Define and manage cloud security standards for Mergers & Acquisitions, establishing requirements for the secure migration and integration of acquired cloud environments
  • Own and evolve the cloud security reference architecture, providing a clear 'north star' for all engineering teams to follow
  • Operating 'Together,' you will act as strategic partner for the Infrastructure, SecOps, and engineering teams, orchestrating a cohesive security vision that spans the entire cloud and AI-first engineering landscape
  • Act as a lead security consultant and strategic partner for infrastructure, SecOps, and Engineering teams - providing expert guidance on secure cloud design patterns and landing zone configurations
  • Forge a dynamic partnership with the Security Platform team: co-design the infrastructure-as-code (IaC) security roadmap and introduce new architectural patterns where needed
  • Lead security architecture reviews and threat modeling sessions for complex cloud migrations and high-risk infrastructure changes
  • Act as a senior mentor and advocate for cloud security champions across the organization, helping to grow our internal technical talent
  • Fulltime
Read More
Arrow Right
New

Cloud Security Architect – Senior

Barbaricum is a rapidly growing government contractor providing leading-edge sup...
Location
Location
United States , Washington
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Cloud Computing, Engineering, or a related field
  • Master's degree preferred
  • Cloud architecture or security certifications preferred, such as AWS Certified Solutions Architect, Google Cloud Professional Cloud Architect, Microsoft Azure Solutions Architect Expert, Certified Cloud Security Professional (CCSP), or similar
  • 10+ years of experience developing, implementing, securing, or managing cloud environments, particularly in a government, federal, defense, or secure IT setting
  • Demonstrated experience developing cloud security architectures, security policies, control frameworks, compliance artifacts, or secure deployment patterns
  • Experience supporting cybersecurity compliance, security audits, vulnerability management, incident response, risk assessments, and continuous monitoring activities
  • Experience working with cloud engineering, DevSecOps, application, infrastructure, cybersecurity, and Government stakeholder teams preferred
  • DoD Secret Security Clearance
Job Responsibility
Job Responsibility
  • Define and govern secure cloud security architectures by selecting and approving DoD SRG- and FedRAMP-compliant services for MC&FP cloud environments
  • Develop security architectures, control frameworks, policy artifacts, and technical patterns aligned with DISA, DoD, FedRAMP, and applicable federal cybersecurity requirements
  • Establish and mature Zero Trust security patterns across cloud environments, including identity, access, segmentation, monitoring, data protection, and compliance enforcement considerations
  • Provide architectural direction for DevSecOps integration, vulnerability assessment scope, security compliance enforcement, and secure cloud deployment practices
  • Collaborate with IT, cybersecurity, cloud engineering, and program teams to ensure cloud architectures follow strict security protocols and mission requirements
  • Develop, implement, and maintain cloud security policies, protocols, procedures, standards, and governance artifacts
  • Assess existing security measures, cloud configurations, network security controls, and application security practices, and recommend enhancements to reduce cyber risk
  • Monitor security vulnerabilities, cyber threats, network traffic, and unusual activity affecting cloud infrastructure, data, and mission systems
  • Conduct security audits, risk assessments, control reviews, and compliance assessments, and prepare audit reports and leadership-level findings
  • Support incident response activities, including investigation, containment support, root cause analysis, and post-event analysis of cybersecurity incidents
  • Fulltime
Read More
Arrow Right

Oracle Cloud Security Engineer

We are seeking a Cloud Security Engineer – Oracle Cloud Infrastructure (OCI) to ...
Location
Location
United States , Phoenix
Salary
Salary:
Not provided
technologent.com Logo
Technologent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Technology, or a related technical discipline, or equivalent work experience
  • 5+ years of experience working with Oracle Cloud Infrastructure (OCI) foundational services including: Identity and Access Management (IAM)
  • Virtual Cloud Networks (VCN/VPC)
  • Compute Services
  • Storage Services
  • Cloud Logging and Monitoring
  • Security Controls and Governance
  • Hands-on experience with: Terraform
  • Sentinel
  • Infrastructure Automation
Job Responsibility
Job Responsibility
  • Design, implement, and maintain secure cloud infrastructure solutions within Oracle Cloud Infrastructure (OCI)
  • Develop and manage Infrastructure-as-Code (IaC) solutions using Terraform and related automation tools
  • Define, implement, and maintain Policy-as-Code (PaC) frameworks using Sentinel and cloud-native policy enforcement mechanisms
  • Enhance cloud security guardrails and governance controls by collaborating with CNAPP and security teams to enforce secure-by-default cloud configurations
  • Configure and support OCI foundational services including IAM, VPC, Compute, Storage, Cloud Logging, and Security Controls
  • Troubleshoot, reproduce, and resolve customer-reported issues across Oracle Cloud services and underlying cloud architectures
  • Support and secure Oracle PaaS services including Oracle Analytics Cloud, Oracle Integration Cloud, Storage, Streaming, and related offerings
  • Design cloud architectures that ensure high availability, resilience, visibility, and security
  • Implement and maintain cloud logging, monitoring, metrics collection, and security visibility solutions
  • Develop tools and automation solutions to improve operational efficiency and accelerate issue diagnosis
Read More
Arrow Right

Information Security Expert

We are looking for an independent and highly skilled Information Security Expert...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Typically 6-8 years of experience in internal audit, security auditing, IT risk, compliance, or similar specialist roles
  • Proven experience auditing SaaS environments and cloud architectures is a strong plus
  • Demonstrated experience testing actual operational control effectiveness using direct system evidence and technical configurations
  • Solid understanding of IT platforms, applications, security architectures, and Identity and Access Management (IAM), including RBAC, PAM, access governance, and user lifecycle controls
  • Strong familiarity with industry standards and compliance frameworks such as ISO 27001, SOC 2, NIST, CIS, and GDPR
  • Comfort working in a hybrid, DevOps, and Agile environment
  • Full professional fluency in English (the working language of the team)
  • Ability to work in a hybrid setup (1-2 days per week from the office)
  • Willingness to travel abroad as required for audit-related activities
Job Responsibility
Job Responsibility
  • Conduct detailed technical analyses, evidence gathering, root-cause identification, and actionable reporting
  • Evaluate control designs versus actual operational effectiveness using direct system evidence rather than design intent alone
  • Provide key insights into technical gaps, emerging security risks, and strategic improvement opportunities
  • Lead and conduct thorough end-to-end audits of systems, processes, SaaS platforms, and third-party vendors
  • Analyze technical configurations, including access controls, authentication mechanisms, security settings, and system behaviors
  • Review and interpret log files, audit trails, and system monitoring data to validate control effectiveness and locate weaknesses
  • Evaluate cloud, SaaS, and platform architectures against shared responsibility models to call out security and ownership gaps
  • Actively engage and collaborate with internal and external stakeholders, including Risk, Procurement, Contract Owners, and suppliers
  • Work aligned with DevOps & Agile methodologies within an international team
Read More
Arrow Right

Expert Cloud Platform Engineer

We are currently seeking a Expert Cloud Platform Engineer (FTE/Hybrid) to join o...
Location
Location
United States , Charlotte
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10 years hands-on experience designing and administering VMware vSphere (ESXi and vCenter) at an enterprise scale
  • Proven ability to deploy and manage software-defined networking and security using VMware NSX
  • Strong operational knowledge of the VMware Aria (formerly vRealize) Suite, particularly Aria Automation and Aria Operations
  • Solid understanding of VMware Cloud Foundation (VCF) architecture and lifecycle management (SDDC Manager)
  • Proficiency in basic system administration, configuration, and troubleshooting for both Red Hat Enterprise Linux (RHEL) and Windows Server environments
  • Solid foundation in TCP/IP networking protocols and enterprise routing/switching principles
  • Hands-on experience managing and integrating core infrastructure services, specifically DNS, DHCP, and IPAM
  • Proficiency in writing and maintaining automation playbooks using Ansible
  • Strong scripting skills in Python for building custom API endpoints, interacting with VMware REST APIs, and automating complex infrastructure tasks
  • 8 years experience with Terraform for infrastructure provisioning and state management
Job Responsibility
Job Responsibility
  • Architect, deploy, and manage private cloud environments utilizing VMware Cloud Foundation (VCF) 9, ensuring optimal resource allocation and scalability
  • Design and implement automated workflows for VM lifecycle management, day-two operations, and event-driven triggers
  • Develop API services to integrate virtualization platforms with internal catalogs and deployment pipelines
  • Oversee the foundational OS and network layer supporting the virtualized environment, ensuring seamless integration of core IP services and reliable guest OS performance
  • Monitor enterprise infrastructure to ensure maximum uptime for mission-critical internal banking applications
  • Proactively tune CPU, memory, and storage configurations for performance and cost-efficiency
  • Implement and enforce strict security policies, micro-segmentation, and role-based access controls (RBAC) to adhere to US banking regulations and internal audit standards
  • Drive the evolution of platform engineering practice by incorporating infrastructure-as-code (IaC) principles
  • Provide technical guidance and escalation support for junior administrators and operational teams
  • Fulltime
Read More
Arrow Right