Cloud Security Specialist Information Security Engineering

Job Description

The Cloud Security Specialist is a senior technical and leadership position responsible for implementing, managing, and continuously improving cloud security across multi cloud environments including AWS, Azure, Google Cloud, and Oracle Cloud Infrastructure (OCI).

This role combines hands on technical execution with team leadership. The successful candidate will lead a team of cloud security engineers, develop secure architectures, and manage enterprise grade cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Container Security, API Security, and AI Security Posture Management (AISPM).

The individual will partner with cloud service, DevOps, and application teams to design secure deployments, enforce policies, and integrate automation for vulnerability remediation, threat detection, and compliance. They will also implement secure private connectivity between cloud and on premise networks using technologies such as AWS PrivateLink and Azure ExpressRoute.

Responsibilities

Core Responsibilities

• Lead and mentor a team of cloud security engineers, fostering technical excellence and professional growth.
• Architect and maintain secure multi-cloud environments across AWS, Azure, GCP, and OCI in partnership with Enterprise Architecture.
• Deploy and manage CSPM platforms to drive continuous visibility, compliance, and risk posture improvement.
• Implement CWP solutions to protect cloud workloads, prevent threats, and manage vulnerabilities effectively.
• Define and enforce IAM policies and least-privilege principles to strengthen identity security across all platforms.
• Design and secure private and hybrid connectivity using technologies such as AWS PrivateLink, Azure ExpressRoute, and Google Cloud Interconnect.
• Integrate cloud telemetry and security events with SIEM systems to enhance incident detection and response capabilities.
• Automate provisioning, configuration, and remediation workflows using IaC tools like Terraform and Ansible, supported by Python or PowerShell scripting.
• Implement and manage WAF policies and API gateways to safeguard cloud applications and services.
• Partner with DevOps and engineering teams to embed security within CI/CD pipelines and promote secure development practices.
• Collaborate with risk and architecture teams to assess emerging technologies and align them with enterprise security strategy.
• Stay informed on evolving threats, regulatory frameworks, and AI security trends to continuously improve cloud security posture.

Qualifications

Required Education/Experience

• Master's Degree and with 3 years of relevant experience IT or Information security or
• Bachelor's Degree and with 5 years of relevant experience IT or Information security or
• Associate's Degree and with 6 years of relevant experience IT or Information security or
• High School Diploma/GED and with 8 years of relevant experience IT or Information security.

Preferred Education/Experience

• Master's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 3 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).
• Bachelor's Degree in Cybersecurity, Computer Engineering, Computer Science, Information Systems Security, Information Technology. and 5 years in Information security, Cloud Security or Cloud Architect in a senior technical role. With certifications such as CCSP, AWS Certified Security, Azure Security Engineer Associate, or GCP Cloud Security Engineer. Experience in cloud security or cloud architecture. Experience with CSPM, CWP, AISPM, and API security implementations. Handson work with identity management, hybrid connectivity (PrivateLink, ExpressRoute).

Relevant Work Experience

• Handson experience with at least two major cloud providers (AWS, Azure, GCP, or OCI), required.
• Implementation and management experience with CSPM, CWP, AISPM, and API security platforms, required.
• Knowledge of IAM, rolebased access control, and policy enforcement, required.
• Experience integrating cloud telemetry and logs with SIEM tools, required.
• Understanding of hybrid connectivity and private link technologies (PrivateLink, ExpressRoute), required.
• Experience with scripting (Python, PowerShell, Bash) and automation, required.
• Experience with WAF and cloud API gateway configurations, required.
• Strong understanding of cloud network fundamentals and background in cloud network security, and secure architecture design, required.
• Experience collaborating with cloud service teams for planning and remediation, required.
• Experience implementing application security best practices and training engineering teams, required.
• Familiarity with CDN operations, certificates, and brand monitoring preferred, required.
• Experience with SIEM integration, telemetry collection, and event analysis, preferred.
• Demonstrated experience leading technical teams or project groups, preferred.
• Experience with Container Security, preferred.
• Experience securing API endpoints and implementing advanced cloud application protections, preferred.
• Knowledge of AI/ML data protection and secure model deployment practices, preferred.
• Experience integrating security automation into DevSecOps workflows using Terraform or Ansible, preferred.
• Experience developing and delivering cloud security training and awareness programs, preferred.

Skills and Abilities

• Effective leadership skills
• Demonstrated problem solving skills
• Demonstrated problem solving skills
• Strong written and verbal communication skills
• Ability to drive multiple projects to successful completion
• Proactively approaches responsibilities

Licenses and Certifications

• Driver's License Required
• Other: CISSP, CCNP Security, GSEC, GCIH, CEH, or equivalent certifications. Preferred
• Other: CCSP, AWS Certified Security, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, or OCI Security Professional. Preferred

Physical Demands

• Ability to push, pull, and lift up to 25 pounds
• Sit or stand to use a keyboard, mouse, and computer for the duration of the workday

Additional Physical Demands

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.

About Us

Mission Statement:

Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) employees are required to follow health, safety, and environmental policies, EEO, Standards of Business Conduct, and all other applicable company policy and procedures. We all share a responsibility to advance the company's mission by excelling at our three corporate priorities - safety of our people and the public, operational excellence in all that we do, and ensuring the best possible customer experience.

Benefits:

We are dedicated to supporting the physical, mental, and financial health of our employees and their families. This commitment extends beyond the workplace to foster personal growth and holistic wellbeing. Our life-changing rewards package includes:

• Rich medical & pharmacy benefits, including vision benefits
• Dental benefits
• Health Savings Accounts
• Health Care and Dependent Care Flexible Spending Accounts
• 401(k) with robust matching
• Employer paid Pension Plan
• Employee Stock Purchase Plan with a generous matching contribution
• State of the art Employee Assistance Program
• Paid Parental Leave
• Generous paid time off plus paid holidays
• Family support: emergency backup child, & elder care assistance
• Social responsibility and volunteer opportunities
• Employee discount program
• Commuter Benefits
• Culture of growth and learning: career development; tuition reimbursement; recognition program
• Life and Long-Term Disability Benefits

*Please be aware that some benefits may not apply to provisional or part-time job titles.

About the Team

EEO Statement:

Consolidated Edison Company of New York, Inc. (Con Edison), Orange & Rockland Utilities (O&R), and Consolidated Edison Transmission (CET) are equal opportunity employers. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of the individual's actual or perceived disability, protected veteran status, race, color, creed, religion, sex, age, national origin, gender, gender identity, gender expression, genetic information, marital status, sexual orientation, citizenship, domestic violence victim status, or any other actual or perceived status protected by law.

Technical Difficulty Statement:

For technical issues, please contact us at View email address on click.appcast.io