Cyber Security Consultant - CSRO (ID: 26000A7Q)
Mandatory Skills
Cloud Security - Risk & Compliance
Role Overview
We are looking for a Cyber Security Engineer with a strong focus on cloud security assessment, risk analysis, and governance for modern cloud platforms and cloud‑hosted AI‑enabled services.
This role is centered on evaluating cloud security posture, defining security guardrails, and providing risk visibility across AWS and Azure environments using enterprise security posture management and threat detection platforms.
The position also includes assessing security risks introduced by AI capabilities deployed in the cloud (such as generative AI services and AI‑enabled applications), ensuring they align with established cloud security, data protection, and governance standards.
Key Responsibilities
Cloud Security Risk Assessment & Governance (Primary Focus)
Perform security and architectural risk assessments for public cloud platforms (AWS & Azure).
Define, apply, and validate security guardrails covering:
Identity & access management
Network exposure
Data protection and encryption
Secrets and key management
Logging, monitoring, and detection
Apply Zero Trust principles, least‑privilege access models, and policy‑based governance during cloud security assessments.
Conduct ongoing cloud risk assessments using CSPM/CNAPP and security analytics tools.
Review cloud architectures to assess trust boundaries, data flows, identity models, and control effectiveness.
Translate technical findings into risk statements, control gaps, and remediation guidance for engineering and governance stakeholders.
Maintain cloud security risk documentation, control mappings, and management‑level reporting.
AI‑Enabled Workloads - Security & Risk Awareness (Secondary Focus)
Assess security risks associated with AI‑enabled applications hosted in the cloud, focusing on:
Data exposure and access control
Service misuse or unintended behavior
Integration risks with cloud identities, APIs, and storage
Perform targeted risk assessments for AI capabilities such as:
Generative AI services (data leakage, prompt misuse, abuse scenarios)
Controls to enforce secure fine-tuning of models, in adherence to the designed security framework
Agent‑based services (scope of tool access, execution privileges, segregation of duties)
Ensure AI‑enabled services adhere to existing cloud security baselines, data governance policies, and risk management frameworks.
Align AI‑related findings with frameworks such as the NIST AI Risk Management Framework, positioning them within broader cloud governance processes.
Policy, Compliance & Security Posture Management
Build, tune, and maintain security policies in CNAPP/CSPM platforms to detect:
Misconfigurations
Excessive permissions
Network and data exposure risks
Configure cloud threat detection platforms to identify anomalous activity and potential threats across workloads.
Write and manage JSON‑based security policies and integrate them into cloud governance workflows.
Perform recurring security posture and compliance assessments to:
Validate alignment with internal cloud security standards
Measure control effectiveness and residual risk
Generate risk posture, compliance status, and executive‑level assessment reports.
DevSecOps & Cloud Architecture Assurance
Review Infrastructure as Code (IaC) to identify cloud security and architectural risks prior to deployment.
Embed security and compliance checks into CI/CD pipelines following DevSecOps principles.
Validate that cloud‑hosted AI‑enabled services follow the same secure deployment, access control, and monitoring standards as traditional cloud workloads.
Skills You’ll Need
Strong understanding of cloud security controls, risk assessment methodologies, and governance practices.
Hands‑on experience assessing AWS and Azure environments from a security and risk perspective.
Experience with cloud security posture management (CSPM), CNAPP, and threat detection platforms.
Working knowledge of Infrastructure as Code (IaC) and the ability to review it for security impact.
Familiarity with DevSecOps, CI/CD pipelines, and cloud security telemetry.
Strong grounding in Zero Trust architecture, least privilege access, and compliance frameworks.
Working awareness of AI security risks, particularly where AI intersects with cloud services (data governance, access control, misuse scenarios).
Ability to communicate risk clearly to engineers, architects, and governance stakeholders.
Nice to Have
Cloud or security certifications (e.g., Azure, AWS, security governance).
Experience with container security or distributed cloud systems.
Exposure to AI‑enabled cloud services (e.g., Azure OpenAI, Amazon Bedrock, Microsoft Foundry) from a governance or security posture perspective.
Familiarity with NIST AI RMF, ISO/IEC 42001, or responsible AI governance frameworks.
Profile Required
We are looking for a Cloud Security Engineer with strong development and automation skills. The ideal candidate should have:
Hands-on experience with Azure and AWS services to perform risk assessments and implement security guardrails.
Ability to develop and enforce security policies using CSPM/CNAPP.
Strong Infrastructure as Code skills with Terraform and ARM templates for secure deployments.
Proficiency in PowerShell scripting.
Knowledge of Zero Trust principles, least privilege access, and integration of security controls into CI/CD pipelines.