IT Security Engineer - Cloud
CMG Financial
Description
CMG Financial is hiring a Security Engineer for our cloud environment to help secure our Azure-primary cloudand the hybrid environment that supports one of the nation's largest privately held mortgage lenders. Workingwithin the Information Security team, you will harden cloud posture, tighten identity and access, and build thedetection and automation that keep our environment defensible. This role is built for growth: you will ownmeaningful cloud security work from the start and expand your scope and depth over time. It operates in ahighly regulated lending environment, subject to regulatory examinations and investor and agency audits.
ESSENTIAL DUTIES and RESPONSIBILITIES, includes the following responsibilities, but not limited to:
- Operate and tune Microsoft Defender for Cloud (CSPM/CNAPP) across Azure subscriptions, remediatingmisconfigurations and excessive access.
- Enforce preventative guardrails with Azure Policy and benchmark configuration against CIS Benchmarks andthe NIST Cybersecurity Framework.
- Apply least-privilege access in Microsoft Entra ID using Azure RBAC, PIM, and Conditional Access, and runperiodic access reviews and attestations.
- Use Microsoft Purview and Defender for Cloud data-aware posture (DSPM) to classify and protect sensitivecloud data.
- Embed security into Terraform and GitHub Actions pipelines, including IaC scanning, policy-as-code, andsecrets management.
- Support threat modeling and secure design reviews for new and changing cloud workloads.
- Engineer Microsoft Sentinel data ingestion (data connectors, Data Collection Rules and Endpoints) and builddetections.
- Integrate Microsoft Defender for Cloud and Defender XDR signals into Sentinel for unified detection andresponse.
- Support cloud threat hunting, incident response, and automation of enrichment and remediation.
- Map cloud controls to recognized frameworks and produce control evidence for regulatory examinationsand investor and agency audits.
REQUIRED QUALIFICATIONS:
Education and Experience
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field, or equivalent practical experience.
- 3+ years in cloud security or cloud engineering, including hands-on Microsoft Azure security.
Core Cloud Security Skills (Azure)
- Microsoft Defender for Cloud, Azure Policy, and Microsoft Entra ID (Azure RBAC, PIM, Conditional Access).
- Cloud security posture management (CSPM/CNAPP), with the ability to find and remediate misconfigurations and excessive access.
DevSecOps and Automation
- Infrastructure-as-Code with Terraform and CI/CD security in GitHub Actions.
- Scripting and automation with Python, PowerShell, and KQL. Using GenAI to generate and validate scripts iswelcomed and approved.
Detection and Monitoring
- Microsoft Sentinel, including Log Analytics ingestion (data connectors, DCR/DCE).
- Security architecture, design review, and threat modeling, with working knowledge of NIST CSF and CISBenchmarks.
Preferred Certifications
- AZ-500, SC-100, or a relevant GIAC credential (GCSA, GCDA, or GCFR).
Nice to Have
- Hands-on AWS security (the role is Azure-primary; AWS is a plus).
- GitHub Advanced Security (GHAS); container and Kubernetes (AKS) security.
- Secrets and key management (Azure Key Vault).
- Experience in financial services, mortgage, or other highly regulated industries, including producing audit and examination evidence.
- Experience maintaining a guardrail exception register and running quarterly drift retrospectives across Azure management groups.
SUPERVISORY RESPONSIBILITIES:
Direct Reports: N/A
PHYSICAL and ENVIRONMENTAL CONDITIONS
This role operates in an ADA compliant office environment, utilizing typical office equipment and tasks including computer work. The position may involve partial stationary positions and moving throughout the day. Flexibility to work overtime to meet project deadlines is required.
Base Compensation Information– This role is a remote position that is currently allocated for candidates within geographic regions that do not currently require base wage disclosure. The compensation range for this position will be provided upon request. (Due to their geographic location, residents of the states of CA & CO, and for NY are excluded from this role at this time.)
CMG Financial is an equal opportunity employer and does not unlawfully discriminate in employment decisions. CMG will consider all qualified applicants without regard to race, religion, national origin, sex, age, veteran status, disability, familial status, marital status, actual or perceived sexual orientation, or actual or perceived gender identity. Applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of CMG Financial or reach out to Show email.
CMG MORTGAGE, INC. NMLS #1820 If you are a recruiter or placement agency, please do not submit resumes to any person or email address at CMG Financial prior to having a signed agreement . CMG Financial is not liable for and will not pay placement fees for candidates submitted by any agency other than its approved recruitment partners. Furthermore, any resumes sent to us without an agreement in place will be considered your company’s gift to CMG Financial and may be forwarded to our recruiters for their attention.
- ...Global Financial Client handling clearing and settlement of securities transactions Position: Cloud Security Governance Associate Director Length: 12-... ...for setting strategic direction in the areas of IT Risk and Information Security. Maintains corporate security...SuggestedLong term contractContract workLocal area3 days per week
- ...Job Title: Cloud Security Architect Location: Princeton, NJ(Hybrid) Type: Contract Responsibilities: Lead... ...environments Provide technical leadership and guidance to engineering teams Collaborate with stakeholders to align security architecture...SuggestedContract workLocal area
$122.4k - $228k
...Cloud Security Lead Lead the design and maturity of end-to-end cloud security across multi-cloud environments (AWS, Azure, GCP), with responsibility spanning core cyber domains, CSPM/CNAPP strategy, and emerging AI/Agentic AI security. Drive enterprise-wide security...SuggestedContract workPart timeLocal areaImmediate start- ...Analysis: Identify and analyze attack patterns using Akamai, security logs, and other tools. Query data across various systems to gain... ...on our platform. SRE Practices: Apply Site Reliability Engineering (SRE) principles to enhance the reliability, scalability, and...Suggested
$62k - $141k
...Job Number: R0244186 Cloud Security Architect The Opportunity: Everyone is trying to "... ...necessary to ensure Information Technology (IT) systems meet the organization's... ...to successfully interact with clients, engineers, and managers Possession of excellent...SuggestedFull timeContract workPart timeWork at officeLocal areaRemote work- ...Cloud Security Architect The Cloud Security Architect is a hands-on security leader with deep expertise in designing, securing, and... ...(WBD) Cloud Security team, this role partners closely with engineering and product teams to embed security into cloud architectures...
$90k - $157.5k
...Cloud Security Architect We are looking for a Cloud Security Architect. You will be responsible for defining, implementing, and governing... ...cloud, and SaaS environments. You will partner with cloud engineering, application development, infrastructure, cybersecurity, and...Temporary workShift work- ...Overview: Cloud Security Architect Must Have Technical/Functional Skills • Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail. • Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security...
- ...Cloud Security Architect Location: Durham, NC, Westlake, TX Hybrid from SEP Duration: 12+ months Job Description: ~ Expert knowledge of AWS Cloud Architecture and experience with AWS Managed Services, Cloud Security, Docker and Kubernetes ecosystem, Cloud...
- ...Principal Cloud Security Architect About the Role What if your deep knowledge of cloud security architecture could directly protect large-scale systems from the misconfigurations and design flaws that lead to real-world breaches? We're looking for a Principal...Hourly payOngoing contractContract workFreelanceRemote workFlexible hours
$146.2k - $243.6k
...Details The Information Security team protects all of Grainger,... ...infrastructure is powered by cloud, on-premises, and SaaS platforms... ...to cybersecurity leaders, IT leaders, and other stakeholders... ...their roadmaps Partner with engineering teams, cloud platform teams, and...Full timeWork experience placementLocal areaRemote workWorldwideShift work- ...Cloud Security Architect We are seeking a Cloud Security Architect to lead the design... ...capabilities. Partner with infrastructure, engineering, DevOps, and compliance teams to... ...related field. ~7 years of enterprise IT experience with 4 years focused on cloud...For contractorsWork at officeLocal area
$150k - $185k
...Cloud Security Architect (DevSecOps) Overview A growing technology organization is seeking a Cloud Security Architect to... ...across cloud platforms. This role will partner closely with engineering and infrastructure teams to ensure cloud systems are secure,...Temporary work- ...Principal Cloud Security Architect – Gen AI Client is seeking a highly skilled and experienced Application Security Architect with expertise in Generative AI (Gen AI) platforms and environments to join client's team. The Security Architect will be responsible for designing...
- ...What are the top 3 skills required for this role? 1. Google Cloud Platform Security 2. VPC Control implementation & maintenance 3. IAM, Secret... ...SIEM experience including log ingestion, detection engineering, alert management, and threat correlation. • Production-...
- ...Cloud Security Architect Remote FTE JOB SUMMARY We are seeking an experienced Cloud Security Architect to lead the design and implementation of secure cloud infrastructure across our AWS-based environments. This role will focus on securing network boundaries...Remote work
- ...Title: Cloud Architect Location: Fort Belvoir, V Clearance: Top Secret... ...guiding the design and implementation of secure solutions and services within the cloud.... ...e.g., AWS) Certified Cloud Security Engineer/Architect. Knowledge of cloud computing...
- ...Cloud Security Architect The Information Security team protects all of Grainger, from our systems... ...posture to cybersecurity leaders, IT leaders, and other stakeholders through... ...implications of their roadmaps. Partner with engineering teams, cloud platform teams, and other...Remote work
$91.3k - $184.9k
...Cloud Security Architect This role is responsible for securing and governing enterprise cloud data environments, with a core emphasis... ..., Azure Administrator (AZ-104), Developer (AZ-204), Security Engineer (AZ-500), Data Engineer (DP-203), and AI Engineer (AI-102))...Live inWork at officeLocal area$120k - $150k
...Our cybersecurity and information security teams at IDEXX contribute to a more resilient... ...quality patient care. IDEXX is seeking a Cloud Security Architect to lead our multi-... ...standards enforcement, and partner with engineering teams to embed security controls...Local areaWorldwide- ...Principal Cloud Security Architect About the Role What if your deep knowledge of cloud security architecture could directly protect organizations from the risks they don't even know they have? We're looking for a Principal Cloud Security Architect to evaluate...Ongoing contractContract workFreelanceRemote workFlexible hours
- ...We are looking for a pragmatic, builder-focused Cloud Security Architect who wants to do more than just monitor a steady state. You will be the tactical and strategic engine behind our major migration into AWS, defining the security patterns that will dictate how our applications...Remote workShift work
$138.2k - $172.8k
...driving enterprise-wide technology security strategy and providing... ...Architectures (both On-Premise and Public Cloud) and driving and deploying... ...gaps between data scientists, engineers, AI Architects, Cloud... ...working on progressively complex IT and Cybersecurity projects...Temporary workPart timeWork experience placementInternshipSeasonal work- ...Cloud Security Architect We are seeking a highly skilled Cloud Security Architect with deep expertise in FedRAMP compliance to join... ...requirements with security best practices. # Educate engineering and IT teams on compliance-driven architecture and federal security...Remote work
- ...Senior AWS Cloud Security Architect Role: Cloud Security Architect Location: Reston, VA (Need to come office once in a week) Job Description: Should have experience in solutioning, implementation and design on AWS security architecture. Any AWS certification...Work at office
- ...Patching Automation (Linux and Windows servers) in the cloud at scale. Configure and manage cloud security tools such as encryption, identity and access... ...as AWS Certified Security Specialty, Azure Security Engineer Associate, or GCP Professional Cloud Security Engineer...
- ...culture. Purpose of the Position The Cloud Security Architect is responsible for designing... ...alignment with security operations, IT infrastructure, and operations best practices... ...(IAM): Collaborate with Security Engineering and IT Infrastructure and Operations...Work experience placementWorldwide
$86.8k - $198k
...Cloud Security Architect The Opportunity: Everyone is trying to "harness the cloud," but not everyone knows how to secure it. As a... ...Certifications such as CCSP, AWS Security Specialty, Azure Security Engineer, or AWS Solutions Architect Certification Clearance:...Full timeContract workPart timeWork at officeLocal areaRemote work- ...Cloud Security Architect Location: Austin, TX Duration : 6+ Months Need Local To Austin, TX Job Description : Need... ...standards 2 Preferred Certifications: CISSP, CISM, AWS Certified Security Engineer Please share profile's to ****@*****.***Local area
- ...Cloud Security Architect Location: Reston, VA (Hybrid 2/Week) Duration: 6-12+ Months (Possible Ext/C2H) Manager Notes: Cloud Security Architect role Moving Multifamily/Single family/Corporate business division internal applications to AWS cloud Should...
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to IT Security Engineer - Cloud. Be the first to apply!
- azure security engineer United States
- IT security engineer United States
- junior network security engineer United States
- security engineer intern United States
- sr security engineer United States
- security project engineer United States
- information technology security engineer United States
- endpoint security engineer United States
- security support engineer United States
- application security engineer United States

