Senior Cloud Security Engineer

As a Senior Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining cloud security solutions across multiple cloud platforms (AWS, Azure, GCP). You will be a part of the Product Security and working with the DevOps, Infrastructure Engineers, Cloud Infrastructure, and SRE teams to ensure our cloud environments meet industry best practices by implementing secure by design patterns. The ideal candidate will have deep expertise in cloud security, automation, and a passion for staying current with emerging threats and technologies.

• Design and implement cloud security controls and best practices across AWS, Azure, and GCP
• Engineer and maintain cloud security solutions to prevent and protect against threats
• Architect and deploy security solutions including WAF, DDoS protection, and identity management
• Leverage automation to audit and maintain cloud and cloud-native security
• Secure containerized workloads and Kubernetes clusters using best practices and industry-standard tools

• Experience in cloud security, cybersecurity, or related field
• Hands-on experience with AWS, Azure, or GCP security services
• Understanding of cloud security principles and best practices
• Experience with infrastructure-as-code tools (Terraform, CloudFormation, ARM templates)
• Proficiency in scripting languages (Python, PowerShell, Bash)
• Experience with container security (Docker, Kubernetes, Pod Security Standards)
• Knowledge of identity and access management (IAM, SAML, OAuth, OIDC)
• Experience with vulnerability assessment and penetration testing
• Understanding of threat modeling and risk assessment methodologies

• Cloud security certifications (AWS Security Specialty, Azure Security Engineer, GCP Professional Cloud Security Engineer)
• Experience with multiple cloud platforms (AWS, Azure, GCP)
• Experience with security automation and orchestration platforms
• Experience with creating custom security tooling to automate tasks
• Experience with secrets management solutions (HashiCorp Vault, AWS Secrets Manager)
• Experience of policy-as-code engines (OPA, Kyverno)
• Knowledge of AI and its application in security

Tricentis Core Values:

Knowing what we need to achieve and how to achieve it is important. Tricentis core values define our ways of working and the behaviours we model that create an enjoyable and successful Tricentis life.

• Demonstrate Self-Awareness: Own your strengths and limitations.
• Finish What We Start: Do what we say we are going to do.
• Move Fast: Create momentum and efficiency.
• Run Towards Change: Challenge the status quo.
• Serve Our Customers & Communities: Create a positive experience with each interaction.
• Solve Problems Together: We win or lose as one team.
• Think Big & Believe: Set extraordinary goals and believe you can achieve them.

Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, ethnicity, gender, religious affiliation, age, sexual orientation, socioeconomic status, or physical and mental disability and other statuses protected by law.

Global Sanctions Compliance

We comply with all applicable global sanctions and export control laws. Candidates must not be listed on any government restricted party lists (including OFAC SDN List and U.S. Commerce Department restricted lists) and must certify that their employment would not violate any sanctions or export control regulations. Candidates must notify us of any changes to their status during the application process or subsequent employment.

Tricentis is proud to be an equal opportunity workplace. Qualified applicants will receive consideration for employment without regard to race, color, ethnicity, gender, religious affiliation, age, sexual orientation, socioeconomic status, or physical and mental disability and other statuses protected by law.

Global Sanctions Compliance

We comply with all applicable global sanctions and export control laws. Candidates must not be listed on any government restricted party lists (including OFAC SDN List and U.S. Commerce Department restricted lists) and must certify that their employment would not violate any sanctions or export control regulations. Candidates must notify us of any changes to their status during the application process or subsequent employment.