Job Description
Cloud Security Engineer
Location: National Capital Region (Remote work, but must live in the Washington, DC area for occasional meetings)
Job Type: Full-Time
About the Role:
We are seeking a highly skilled Senior Cloud Security Engineer to join our dynamic security operations team. The ideal candidate will have deep expertise in Azure security, endpoint detection, vulnerability management, and security architecture, with hands-on experience in integrating advanced security tools and automating processes. You will be responsible for securing and architecting cloud infrastructure, managing endpoint detection systems, implementing security policies, and leading new software evaluations across a complex enterprise environment.
Key Responsibilities:
- Azure Security & Cloud Engineering:
  - Design, implement, and enforce security policies for Azure subscriptions, including Defender for Cloud, identity baselines, RBAC, and logging.
  - Enforce configuration standards across Azure resources at scale using Azure Policy, Blueprints, and landing zones.
  - Integrate Azure Activity Logs and Defender alerts into SIEM solutions such as Splunk, ensuring comprehensive monitoring and incident response.
  - Secure Azure VMs (Linux and Windows) from baseline to monitoring.
- Endpoint Detection & Response (EDR) Management:
  - Lead the deployment, monitoring, and troubleshooting of EDR solutions (CrowdStrike, SentinelOne) across the enterprise.
  - Evaluate and compare CrowdStrike and SentinelOne, and recommend the best solution based on specific use cases.
  - Ensure proper EDR agent deployment, validate reporting, and correlate asset data using tools like Axonius, Splunk, and Tenable.
  - Troubleshoot and resolve issues where EDR agents fail to report or check in.
- Carbon Black App Control (Bit9) Management:
  - Implement and manage high-enforcement whitelisting policies using Carbon Black App Control.
  - Safely onboard new applications and handle block events, determining whether to allow or deny them.
  - Manage developer code signing and App Control approvals in a high-enforcement environment.
- Splunk Configuration and Engineering:
  - Configure and troubleshoot Splunk Heavy Forwarders (HF) and Deployment Servers (DS) for efficient data ingestion.
  - Manage large-scale Splunk app deployments and validate log source parsing before sending data to production.
  - Design and implement custom inputs and ensure optimal performance in data collection and forwarding.
- Vulnerability Management (Tenable.io):
  - Implement and manage Tenable.io vulnerability scanning solutions across a large-scale cloud environment.
  - Build and assign scan templates, prioritize vulnerabilities based on risk factors (CVSS, VPR, asset criticality), and ensure remediation.
  - Address issues with credential errors in vulnerability scans and improve overall vulnerability management processes.
- New Software Evaluation & Architecture Support:
  - Lead the security review process for new applications and tools, ensuring they meet security gates for permissions, data flow, logging, and compatibility with existing security tools.
  - Evaluate vendor tools that require local admin privileges or service account access and ensure proper security assessments are conducted.
- Linux Support & Hardening:
  - Apply Linux hardening controls (e.g., STIG/CIS) to new VMs and automate compliance checks using tools such as Ansible, Lynis, and OpenSCAP.
  - Troubleshoot and resolve performance issues on Linux systems, using appropriate diagnostic tools.
- Scripting & Automation:
  - Automate security tasks using PowerShell and Python to streamline processes, such as parsing logs, interacting with APIs (Tenable, CrowdStrike), and managing system configurations.
  - Develop scripts to automate security tasks, such as vulnerability scanning, log parsing, and compliance checking.
- Cross-Team Communication & Collaboration:
  - Work closely with other teams to push back on security risks and advocate for necessary security controls in project timelines.
  - Document engineering processes and security architectures for repeatability and auditability.
- Continuous Improvement:
  - Lead efforts to continuously improve security posture through research, process refinement, and tool upgrades.
  - Identify blind spots or weaknesses in security and proactively implement changes to mitigate risks.
Key Skills & Qualifications:
- Experience:
  - 5+ years in Cloud Security Engineering or related roles, with a focus on Azure Security.
  - Hands-on experience with security solutions like CrowdStrike, SentinelOne, Carbon Black App Control, and Tenable.io.
  - Expertise in Splunk (Heavy Forwarders, Deployment Server) and SIEM architecture.
  - Experience with vulnerability management, including scanning, remediation, and prioritization in cloud environments.
- Technical Skills:
  - Proficiency with Azure Governance, Azure Policy, and Defender for Cloud.
  - Strong scripting skills in PowerShell and Python for automation.
  - Experience with Linux system hardening (STIG, CIS), and automation using Ansible or similar tools.
  - Solid understanding of security protocols, threat detection, and incident response.
- Soft Skills:
  - Excellent communication skills, with the ability to articulate complex security issues to non-technical teams.
  - Proven ability to work cross-functionally with teams to influence decision-making and enforce security policies.
  - Ability to troubleshoot complex security and infrastructure issues.
Company Description
PKH Enterprises (PKH) is a small, woman-owned professional services firm dedicated to helping clients address challenging policy and technology issues. The PKH team is comprised of professionals with varied backgrounds combining legal, policy and technical expertise and offers the services and experience of business process engineers, senior subject matter experts and certified project managers. Our diverse capabilities help our clients improve performance and achieve innovative solutions to their most complex business problems. Our clients turn to us as partners and trusted advisors, and depend on our ability to anticipate, recognize and address their specific needs. PKHE has a reputation for excellence and remains dedicated to generating successful results for tasks at all levels of project execution.
To all recruitment agencies: PKH Enterprises does not accept unsolicited agency resumes/CVs. PKH Enterprises is not responsible for any fees related to unsolicited resumes/CVs.
PKH Enterprises is an Equal Opportunity Employer.