Lead Cloud Security Engineer

Job Title: Lead Cloud Security Engineer

Location: Houston, TX
Industry: Insurance
Job Type: Full Time
Salary: $160,000/year

Overview:

Lawson Enterprises is partnering with a leading client in the insurance industry to hire a skilled Lead Cloud Security Engineer for a full-time, direct hire opportunity.

This role is responsible for designing, implementing, and maintaining a secure, scalable, and resilient cloud infrastructure with a focus on AWS and Azure environments. The ideal candidate will have expertise in cloud-native security tools, automation, and DevSecOps integration while collaborating with cross-functional teams to enforce security best practices.

Key Responsibilities:

• Identify and assess security risks, communicate threats to stakeholders, and implement remediation strategies.
• Design and maintain preventive and remediation controls across AWS and Azure.
• Apply security frameworks such as: CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), Microsoft Cloud Security Benchmark (MCSB)
• Track and report on the effectiveness of AWS/Azure detective controls and third-party security solutions (e.g., Wiz).
• Develop security processes, cloud policies, and standards to ensure proactive threat response.
• Assist teams in integrating security into CI/CD pipelines and development workflows.
• Implement security automation to improve overall security posture.
• Conduct security audits and ensure compliance with industry regulations such as GDPR, HIPAA, etc.
• Maintain and manage comprehensive cloud security documentation.
• Collaborate with developers, architects, and operations teams to enforce security best practices.
• Lead training sessions and workshops on AWS and Azure security protocols.
• Stay updated on emerging cloud security trends and integrate innovative solutions into the cloud environment.

Required Qualifications:

• Strong experience with AWS and/or Azure security services.
• Hands-on expertise with AWS tools such as: IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, AWS Configuration
• Experience securing containers and Kubernetes environments.
• Strong network security skills (e.g., securing virtual networks, firewalls, governance, subnets).
• Experience with IaaS resource patching and container image scanning.
• Familiarity with third-party security tools (e.g., Cloud Custodian, Stacklet).
• Experience managing hybrid cloud environments.
• Proficiency in Python, Terraform, AWS Lambda, and Azure Functions.
• Hands-on experience with Infrastructure as Code (IaC) tools such as Terraform.
• Experience implementing policy-as-code solutions using GitHub Copilot or AWS Code Whisperer.
• Deep knowledge of cloud security compliance frameworks (e.g., CIS, AWS/FSBP, Microsoft/MCSB, GDPR, HIPAA).
• Expertise in embedding security within DevOps workflows and CI/CD pipelines.
• Familiarity with container security in AWS/Azure.
• Strong analytical skills to assess and resolve complex security challenges.
• Ability to effectively communicate security concepts to technical and non-technical stakeholders.
• Collaborative mindset for working in federated operating models.
• Commitment to continuous learning and staying current with emerging security technologies.
• Expertise with Azure services, including Entra ID and Cloud Defender
• Hands-on experience with:
  • GitHub
  • Azure DevOps
  • PowerShell, Bash, AWS/Azure CLI

Preferred Certifications:

• AWS Certified Security Specialty
• AWS Certified DevOps Engineer Professional
• Microsoft Certified: Azure Security Engineer Associate
• Microsoft Certified: DevOps Engineer Expert
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)

Education:

Bachelor's Degree in a related field (or equivalent experience).

Additional Information:

• Onsite: Houston, TX
• Employment Type: Full-Time (Direct Hire)
• Salary: $160,000/year
• Visa Sponsorship: Not available.
• Relocation Support: Not provided.