Cloud Security Engineer
- Stonegate Technologies LLC
6 Hours Ago
NA
NA
New York-NY
8-10 Years
Required Skills: Terraform, CloudFormation, Python, Bash
Job Description
Role: Cloud Security Engineer or Architect/AWS/AWS SECURITY SPECIALIST/ARCHITECT OR LEAD
Location: (Only NYC/Hybrid) No relocation
Job Description:
We are seeking a highly experienced Security Engineer – Cloud Implementation Lead to architect, deploy, and lead enterprise cloud security implementations within AWS environments. This role will be responsible for designing scalable and secure cloud infrastructure using Palo Alto Networks security platforms while driving best practices across AWS-native security services. The ideal candidate combines deep AWS architecture expertise with strong Palo Alto firewall, Prisma Cloud, and cloud network security experience.
Key Responsibilities
Lead the architecture and implementation of secure AWS cloud environments across multi-account and hybrid deployments.
Design and deploy Palo Alto Networks VM-Series firewalls, Panorama, and Prisma Cloud within AWS.
Implement secure AWS network architectures including VPC design, Transit Gateway, Direct Connect, NAT Gateway, Security Groups, and NACLs.
Develop cloud security reference architectures aligned with NIST, CIS, ISO 27001, and industry best practices.
Lead Zero Trust network segmentation and micro-segmentation initiatives across AWS workloads.
Integrate Palo Alto security tools with AWS-native services such as GuardDuty, Security Hub, IAM, CloudTrail, and Config.
Automate security deployments using Infrastructure-as-Code (Terraform, CloudFormation).
Conduct cloud security risk assessments, architecture reviews, and threat modeling exercises.
Provide technical leadership and mentorship to engineering and DevOps teams.
Support incident response efforts and continuous security posture improvement initiatives.
Develop and maintain cloud security standards, runbooks, and implementation documentation.
Required Qualifications
7+ years of experience in network and cloud security engineering.
3+ years of hands-on AWS cloud security architecture and implementation experience.
Strong expertise with Palo Alto Networks (VM-Series, Prisma Cloud, Panorama, NGFW).
Deep understanding of AWS networking, IAM, and multi-account security models.
Experience with Zero Trust architecture and cloud segmentation strategies.
Proficiency in automation and scripting (Terraform, CloudFormation, Python, Bash).
Strong knowledge of cloud compliance frameworks and regulatory requirements.
Preferred Certifications
Palo Alto PCNSE
AWS Certified Security – Specialty
AWS Solutions Architect – Professional
CISSP or equivalent security certification
Key Competencies
Cloud security architecture leadership
Strong analytical and troubleshooting skills
Experience leading enterprise-scale cloud implementations
Ability to collaborate across infrastructure, DevOps, and security teams
Excellent communication and executive reporting skills
