Sr Cloud Security Engineer (Hybrid/Multi-Cloud)

Everforth ECS is seeking a Senior Cloud Security Engineer to work in our Falls Church, VA office.

 

As a Senior Cloud Security Engineer, you will directly implement technical strategy for securing a massive hybrid ecosystem comprising 30,000+ physical sites and diverse multi-cloud tenants. You will be responsible for building the automated "guardrails" that protect our assets, data, and identity fabric across private data centers and public cloud environments. Your mission is to ensure a high-quality security posture through continuous efficacy assessments, fraud mitigation, and proactive threat detection.

 

Duties and Responsibilities

• Security Posture & Compliance Automation: Design and implement automated compliance assessments to enforce hardening standards (CIS, NIST) across cloud accounts and on-premises virtualized environments.
• Asset & Data Security: Architect and maintain the security of our sprawling asset inventory. Implement data-at-rest and data-in-transit encryption strategies that span from physical data center servers to cloud-native storage.
• Identity & Fraud Mitigation: Develop and secure the "Identity Fabric" linking 600k+ employees and millions of commercial customers. Collaborate with Fraud teams to integrate signals from SIEM and Databricks to detect and block malicious account activity.
• Hybrid Engineering: Build and manage secure connectivity (Transit Gateways, Service Mesh) between on-premises hypervisors and multi-cloud environments, ensuring consistent policy enforcement.
• Threat Detection & Response: Partner with the SOC to develop high-fidelity detection logic. Build SOAR playbooks that automate the isolation of compromised cloud workloads or on-premises VMs.
• Efficacy Assessment: Support ongoing "Purple Team" exercises and control testing to validate that security tools (EDR, WAF, DLP) are performing as intended across all tenants.
• AI/ML Security Governance (Adversarial Defense): Establish security guardrails for the enterprise’s internal and customer-facing AI models. This includes protecting Databricks training pipelines from data poisoning and implementing mitigations for LLM-specific threats like prompt injection and sensitive data leakage.
• Hyper-Automation of Security Operations: Drive the transition from manual "click-to-operate" security to Autonomous Security Operations. This involves building advanced SOAR playbooks that use ML-based triggers to perform auto-remediation across hybrid environments without human intervention.
• Business Process Streamlining: Partner with business units to integrate security "invisibly" into their workflows. Use automation to reduce "security friction" in logistics and retail operations, ensuring that compliance checks (like PCI or SOC2) are performed continuously and programmatically.
• AI Asset Management: Discover and catalog "Shadow AI" usage across the enterprise, ensuring all third-party AI tools meet the enterprise’s privacy and security standards.