Cloud Security Engineer – Level V

Hanger, Inc.

Cloud Security Engineer V responsible for designing, implementing, and supporting Hanger, Inc.'s cloud security architecture solutions in Microsoft Azure. Leading migrations and automating security in a DevSecOps environment.

Posted 6/2/2026full-timeRemote • 🇺🇸 United StatesSeniorLead💰 $153,986 - $192,482 per yearWebsite

Tech Stack

Tools & technologies

AzureCloudCyber SecurityGoKubernetesPythonTerraformTypeScript

About the role

Key responsibilities & impact

Design, develop, and implement cloud security architecture solutions in Microsoft Azure aligned with business objectives, technical requirements, and industry frameworks (e.g., NIST CSF, CIS Benchmarks)
Build and maintain security automation using Infrastructure as Code (IaC) tools such as Terraform, Bicep, or ARM templates to ensure consistent, repeatable, and auditable deployments
Architect and implement cloud-native security controls including network segmentation, micro-segmentation, encryption at rest and in transit, and secrets management
Partner with IT Infrastructure and Enterprise Architecture teams on the migration strategy for moving on-premise data centers to Microsoft Azure, ensuring environments are secure, compliant, and resilient from day one
Evaluate and remediate security risks across hybrid and cloud-native architectures throughout the migration lifecycle
Implement and manage Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) tooling to maintain continuous visibility and compliance
Collaborate with development and platform engineering teams to embed security into CI/CD pipelines, including static/dynamic code analysis (SAST/DAST), container image scanning, dependency vulnerability scanning, and automated policy enforcement
Write production-quality code and automation scripts (Python, PowerShell, Bash, or Go) to build security tooling, automate remediation workflows, and integrate security controls across cloud services
Champion secure software development practices across engineering teams, including threat modeling, secure code review, and security architecture assessments
Support the adoption of policy-as-code and detection-as-code practices to enforce security standards programmatically
Lead the design, development, and implementation of a cloud-based IAM strategy, including Zero Trust principles, least-privilege enforcement, conditional access, and identity governance
Manage and optimize identity platforms (e.g., Microsoft Entra ID), role-based access control (RBAC), privileged access management (PAM), and authentication protocols (OAuth 2.0, SAML, OIDC)
Implement and tune cloud-native monitoring, logging, and alerting using tools such as Microsoft Sentinel or equivalent SIEM/SOAR platforms
Develop and enforce cloud security policies, standards, and procedures, and maintain audit readiness for applicable compliance frameworks
Stay current with emerging technologies, threat vectors, and industry trends — including AI-driven threat detection, container and serverless security, and evolving regulatory requirements
Act as a subject matter expert, providing technical guidance and mentorship to other engineers and cross-functional team members

Requirements

What you’ll need

8 - 10+ years of progressive experience in IT, cybersecurity, or cloud engineering
10 years of hands-on experience in Microsoft Azure security architecture and operations
Demonstrated experience in software development or platform engineering, with working proficiency in at least two of the following: Python, PowerShell, Go, Bash, or TypeScript
Proven track record of designing and implementing IaC-driven cloud environments using tools such as Terraform, Bicep, or ARM templates
Hands-on experience integrating security tooling into CI/CD pipelines (e.g., GitHub Actions, Azure DevOps, GitLab CI) and working within DevSecOps workflows
Proven success leading or significantly contributing to data center-to-cloud migration initiatives
Success with AI/ML workload security or securing generative AI deployments
Bachelor's degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field (or equivalent professional experience)
At least one active cloud security certification is required: CCSP, CISSP, Microsoft Certified: Cybersecurity Architect Expert (SC-100), AZ-500 (Azure Security Engineer Associate), or equivalent
Additional certifications in cloud engineering, DevSecOps, or AI security are a strong plus (e.g., AZ-305, Terraform Associate, Certified Kubernetes Security Specialist)

Benefits

Comp & perks

8 Paid National Holidays & 4 additional Floating Holidays
PTO that includes Vacation and Sick time
Medical, Dental, and Vision Benefits
401k Savings and Retirement Plan
Paid Parental Bonding Leave for New Parents
Flexible Work Schedules and Part-time Opportunities
Generous Employee Referral Bonus Program
Mentorship Programs- Mentor and Mentee
Student Loan Repayment Assistance by Location
Relocation Assistance
Regional & National traveling CPO/CO/CP opportunities
Volunteering for Local and National events such as Hanger’s BAKA Bootcamp and EmpowerFest

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud security architectureInfrastructure as CodeTerraformBicepARM templatesPythonPowerShellGoBashCI/CD

Soft Skills

collaborationleadershipmentorshipcommunicationproblem-solvingtechnical guidancepolicy enforcementsecurity advocacyrisk evaluationautomation

Certifications

CCSPCISSPMicrosoft Certified: Cybersecurity Architect Expert (SC-100)AZ-500AZ-305Terraform AssociateCertified Kubernetes Security Specialist