Senior Cloud Security Engineer

New

InnovecsSupply Chain & Logistics

Ukraine, Poland, Romania, Spain, RemoteFull-TimeSenior

Salary not disclosed

Apply NowOpens the employer's application page

Job Details

5+ years of experience in information security, cybersecurity, security compliance, or governance/risk/compliance roles.
Strong practical knowledge of cloud security principles in Azure environment.
Experience with CI/CD security controls, including SAST, DAST, dependency scanning, secrets detection, and security gates.
Practical knowledge of cloud resource hardening, including virtual machines, Kubernetes clusters, access controls, firewall rules, and monitoring.
Proven experience working with security compliance frameworks, especially SOC 2, ISO 27001, GDPR.
Hands-on experience with Vanta or a similar compliance automation / GRC platform.
Experience assessing and implementing compliance requirements for clients in different countries or regulatory environments.
Strong understanding of security controls, risk management, audit processes, evidence collection, policy and procedure development.
Ability to interpret customer and regulatory requirements and translate them into practical security/compliance actions.
Experience working cross-functionally with technical and non-technical stakeholders.
Strong communication skills with an upper intermediate English level.
Analytical mindset with strong problem-solving and process design skills.
Ability to work independently and take ownership of security/compliance initiatives.

Own and improve the organization’s security and compliance processes across the Azure cloud environment.
Contribute to improving CI/CD security by defining required security checks, reviewing pipeline controls, and helping prevent issues such as hardcoded credentials or insecure configurations.
Support cloud security hardening across Azure resources, including virtual machines, Kubernetes clusters, identity/access controls, network security, and monitoring configurations.
Manage and coordinate compliance activities related to SOC 2, ISO 27001, GDPR, and other relevant regulatory or customer-driven frameworks.
Assess regulatory, privacy, and security requirements when engaging clients from new countries/regions, and translate those requirements into internal controls, policies, and implementation steps.
Partner with Engineering, DevOps, IT, Legal, HR, and leadership teams to implement and maintain scalable compliance and security processes.
Support client security reviews, due diligence requests, and security questionnaires with accurate documentation and evidence.

View Full Description & ApplyYou'll be redirected to the employer's site