Cloud Security Engineer (Azure)
Apply NowCompany: MatchPoint Solutions
Location: Houston, TX 77084
Description:
MatchPoint Solutions is a fast-growing, young, energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber, Robinhood, Netflix, Airbnb, Google, Sephora and more! More recently, we have expanded to working internationally in Canada, China, Ireland, UK, Brazil and India. Through our culture of innovation, we inspire, build, and deliver business results, from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry specific best practices and expertise.
We are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!
Title: Cloud Security Engineer (Azure)
Role Type: Full-Time Role
Location: Houston, TX
Rate: $135k
Key Outcomes
As a Cloud Security Engineer, your focus will be on building secure, scalable, and resilient cloud architectures. The role aims to achieve the following outcomes:
Key Responsibilities
Threat Detection, Prevention, and Remediation
Security Engineering Process
Compliance Management
Collaboration and Enablement
Continuous Improvement
Required Qualifications
Technical Expertise
Automation and Development
Compliance Knowledge
DevSecOps Practices
Preferred Certifications (Highly Valued, Not Required)
We are excited to be continuously expanding our team. If you are interested in this position, please send over your updated resume. We look forward to hearing from you!
Title: Cloud Security Engineer (Azure)
Role Type: Full-Time Role
Location: Houston, TX
Rate: $135k
Key Outcomes
As a Cloud Security Engineer, your focus will be on building secure, scalable, and resilient cloud architectures. The role aims to achieve the following outcomes:
- Strengthened Access Control: Ensure only authorized users, systems, and services can access cloud resources.
- Resilient Cloud Infrastructure: Design security frameworks that enable cloud environments to withstand and recover from attacks.
- Data Protection & Compliance: Protect sensitive data in transit and at rest while ensuring adherence to regulatory standards (e.g., GDPR, HIPAA).
- Proactive Threat Detection & Response: Identify and mitigate threats before they escalate.
- DevSecOps Integration: Embed security throughout the software development lifecycle.
- Compliance & Governance: Maintain compliance with legal and organizational security standards.
- Incident Response: Minimize impact through well-defined and efficient response protocols.
- Reduced Attack Surface: Conduct rigorous assessments to proactively eliminate vulnerabilities.
Key Responsibilities
Threat Detection, Prevention, and Remediation
- Identify and assess security risks, communicate threats, and implement remediation strategies.
- Design, implement, and maintain preventive and detective controls in AWS and Azure environments.
- Apply industry-standard frameworks, such as CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), and Microsoft Cloud Security Benchmark (MCSB).
- Monitor and report on the effectiveness of AWS/Azure controls and third-party solutions (e.g., Wiz).
Security Engineering Process
- Develop security processes, standards, and policies for cloud environments.
- Assist teams with integrating security into CI/CD pipelines and cloud workflows.
- Contribute to automation efforts and enhancements in cloud security posture.
Compliance Management
- Conduct audits, maintain security documentation, and ensure ongoing compliance with regulatory requirements (e.g., GDPR, HIPAA).
Collaboration and Enablement
- Work closely with developers, architects, and operations to implement and monitor security controls.
- Lead training sessions and workshops on cloud security best practices for AWS and Azure.
Continuous Improvement
- Stay informed on emerging threats, technologies, and best practices to continually improve cloud security strategies.
Required Qualifications
Technical Expertise
- Proven experience with AWS and/or Azure security tools and services.
- Hands-on knowledge of IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, Config, and automated remediation in AWS; Entra ID and Defender in Azure.
- Experience securing containers and Kubernetes environments.
- Strong grasp of network security (e.g., virtual networks, subnets, firewalls, governance).
- Experience with third-party remediation tools (e.g., Cloud Custodian, Stacklet).
- Familiarity with hybrid cloud security models.
Automation and Development
- Proficient in scripting (Python, PowerShell, Bash) and automation using AWS Lambda, Azure Functions.
- Experience with Infrastructure as Code (Terraform preferred).
- Ability to develop and implement policy-as-code using tools like GitHub Copilot or AWS CodeWhisperer.
Compliance Knowledge
- Practical experience ensuring compliance with GDPR, HIPAA, and cloud security benchmarks (e.g., CIS, AWS/FSBP, Microsoft/MCSB).
DevSecOps Practices
- Experience embedding security into DevOps workflows and CI/CD pipelines.
- Skills using GitHub, Azure DevOps, AWS/Azure CLI.
Preferred Certifications (Highly Valued, Not Required)
- AWS Certified Security - Specialty
- AWS Certified DevOps Engineer - Professional
- Microsoft Certified: Azure Security Engineer Associate
- Microsoft Certified: DevOps Engineer Expert
- CISSP, CCSP, or equivalent certifications