Senior Cloud Security Engineer

• Senior Cloud Security Engineer
• Location: on-site in Pittsburgh, PA office (3x days per week, 2x days per week remote). Able to consider a relocation candidate, but not able to consider a candidate who will be traveling every week.
• Full-Time Employee (FTE) opening
• Joining a financial services / banking organization with offerings in commercial banks, insurance companies, credit unions, and community development
• Salary: $135,000 - $145,000 and 15% bonus
• Hiring in January 2026

Senior Cloud Security Engineer

About the Role

We are seeking a highly skilled Senior Cloud Security Engineer to join our Security & Compliance Services team. This is a hands-on engineering role focused on building, hardening, and maturing cloud security capabilities across a highly regulated financial environment. You will work across security, compliance, risk, and IT, supporting multiple business lines and helping shape the future of cloud security at enterprise scale.

This is a builder’s role—ideal for someone who thrives in environments where cloud implementation is in progress, not greenfield, and who can bring strong engineering expertise, best practices, and mentorship to teams adopting cloud security for the first time.

Key Responsibilities

Cloud Security Engineering & Architecture

• Design, develop, and deploy scalable cloud security solutions across AWS and Azure (experience with any major cloud provider accepted).
• Harden existing cloud environments and implement best practices for IAM, RBAC, Zero Trust, CSPM, CNAPP, and SaaS Security Posture Management.
• Lead the transition toward Terraform and Infrastructure as Code (IaC) maturity.
• Build and refine KRIs and KPIs to measure cloud security posture and program effectiveness.

Security Operations & Governance

• Conduct vulnerability assessments, risk analyses, and cloud security reviews.
• Monitor and respond to cloud security incidents using modern tooling (SIEM, IDS/IPS, EDR).
• Develop and maintain cloud security procedures and documentation.
• Ensure compliance with regulatory frameworks including PCI-DSS, GDPR, SOX, and other financial-industry standards.

Collaboration & Leadership

• Mentor and advise teams new to cloud security, guiding them through best practices and secure implementation patterns.
• Partner with IT, engineering, and development teams to ensure secure integration of cloud services.
• Work with third-party vendors and internal stakeholders to ensure security requirements are met.
• Contribute to security training and awareness initiatives.

What We’re Looking For

Technical Skills

• Strong understanding of Infrastructure as Code (IaC) and cloud security best practices.
• Experience with CSPM, Zero Trust, CNAPP, SaaS Security Posture Management, and cloud hardening.
• Hands-on engineering experience in AWS and/or Azure (both not required).
• Experience with Terraform, Ansible, CloudFormation, or similar tools.
• Strong IAM and RBAC best practices.
• Ability to build, measure, and improve cloud security metrics (KRIs/KPIs).

Professional Traits

• Self-starter with an ambitious, experiment-friendly mindset—comfortable learning, iterating, and not afraid to fail.
• Strong communicator who can translate complex security concepts to technical and non-technical audiences.
• Comfortable working in a small, horizontal team supporting multiple departments.

Experience Requirements

• Bachelor’s or Master’s in Computer Science, Information Security, or equivalent experience.
• 7+ years of experience in cloud security engineering.
• Cloud or cybersecurity certifications preferred.
• Experience in regulated industries (financial services strongly preferred).
• Demonstrated experience through specific projects and tasks—not just lists of tools.

Compliance Statements:

This is a full-time, permanent opportunity, offering a competitive salary and comprehensive benefits package. Qualified applicants must be willing and able to work on a w2 basis.

Please be advised- If anyone reaches out to you about an open position connected with Eliassen Group, please confirm that they have an Eliassen.com email address and never provide personal or financial information to anyone who is not clearly associated with Eliassen Group. If you have any indication of fraudulent activity, please contact InfoSec@eliassen.com.