Manager, Security Engineering (Cloud Security)

The Cloud Security Manager is responsible for leading the strategy, implementation, and oversight of cloud security initiatives across AWS, Azure, and other cloud platforms. This role ensures the confidentiality, integrity, and availability of cloud-hosted systems and data, aligning with Tekion’s security posture and compliance requirements.

Responsibilities & Deliverables

• Develop and maintain the cloud security roadmap in alignment with Tekion’s broader security strategy and business goals
• Architect secure cloud environments across AWS and Azure, ensuring coverage of production accounts and subscriptions
• Lead the identification and remediation of toxic cloud risks using platforms like Wiz, including contextual risk analysis and runtime threat detection
• Leveraging your deep knowledge of AWS & Azure networking services such as VPC, Network Firewall, NAT Gateway, NACLs, Shield, CloudFront, and Cloud WAN.
• Implement and manage encryption standards across all AWS & Azure services, including KMS, CloudHSM, Secrets Manager, EBS encryption, and S3 encryption
• Develop and implement a comprehensive IAM strategy for a multi-account ecosystem, focusing on least privilege and role-based access control (RBAC)
• Oversee vulnerability assessments, penetration testing, and root cause analysis for cloud infrastructure
• Monitor cloud environments for anomalies and threats, leveraging CSPM, CWPP, and DSPM tools
• Coordinate incident response efforts for cloud-related breaches and exposures, including public S3 buckets and misconfigurations
• Ensure compliance with internal policies and external regulations (e.g., ISO, GDPR, DPDP) through continuous audit readiness and policy enforcement
• Collaborate with privacy and legal teams to align cloud security controls with data governance and privacy frameworks
• Work closely with DevOps, IT, and product teams to embed security into CI/CD pipelines and cloud-native workflows
• Provide guidance and training to engineering teams on secure cloud development practices and remediation workflows
• Mentor and lead a team of cloud security engineers, fostering a culture of proactive security and continuous improvement.
• Represent cloud security in executive updates, board presentations, and security awareness initiatives.

Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
• 10+ years of experience in cybersecurity, with 3+ years focused on cloud security.
• Expertise in AWS & Azure, and cloud-native security tools (e.g., Wiz, Oligo, Valence).
• Certifications such as CCSP, CISSP, or AWS/Azure Security Specialty preferred.
• Strong understanding of cloud architecture, IAM, network security, and data protection.
• Proven ability to lead cross-functional teams and manage complex security programs.
• IaC (infrastructure as code) expertise.
• Expert-level knowledge of AWS security best practices and services.
• Expertise in encryption standards and key management, including KMS, CloudHSM, and Secrets Manager.
• CI/CD expertise.