Principal Cloud Application Security Engineer - INTEROS

Key Responsibilities

• Architect and enforce secure cloud application designs across AWS, Azure, and GCP, ensuring compliance with industry standards and internal security policies.
• Lead threat modeling, risk assessments, and vulnerability remediation for multi‑tenant SaaS services, integrating findings into the product roadmap.
• Collaborate with DevOps and product teams to embed security controls into CI/CD pipelines, automate security testing, and maintain secure deployment practices.
• Define and maintain secure identity and access management (IAM) strategies, including least‑privilege access, role‑based access control, and federated identity solutions.
• Mentor and coach engineering teams on secure coding, secure architecture, and emerging cloud security threats.

Requirements

• 10+ years of experience in cloud security and application security engineering, with a proven track record in large SaaS environments.
• Deep expertise in AWS, Azure, and GCP security services, including IAM, KMS, VPC, and network segmentation.
• Hands‑on experience with secure SDLC practices, threat modeling frameworks (e.g., STRIDE, PASTA), and automated security testing tools.
• Strong knowledge of DevSecOps principles, CI/CD pipeline security, and container security (Kubernetes, Docker).
• Excellent communication skills and ability to influence cross‑functional teams on security best practices.