Cyara

Sr. Security Engineer - Cloud Security

Cyara · IN · 136d ago
Apply now

About the role

As the global leader in AI-powered customer experience assurance, we help some of the world's most recognized brands deliver seamless, reliable, and engaging interactions across voice, digital, messaging, and AI-powered channels. Every year, our platform helps optimize hundreds of millions of customer journeys, ensuring businesses can confidently deliver exceptional experiences at scale.
As enterprises race to deploy agentic AI, the defining question is no longer whether AI can handle customer interactions, it’s whether those interactions can be trusted. Cyara is the confidence layer that answers that question, testing AI agents with AI agents to detect hallucinations, validate decisions, and ensure compliance before failures ever reach your customers.  
 
Joining Cyara means helping shape the future of customer experience, partnering with some of the world’s biggest brands, and working alongside passionate, talented people who are committed to making every customer interaction better. 

Job Function Description: 
As a Senior Cloud Security Engineer, you will be responsible for designing, implementing, and optimizing security controls across cloud environments. You will work closely with infrastructure, product, and engineering teams to ensure workloads, identities, data, and networks are securely architected, monitored, and maintained. This includes building scalable security automation, enforcing policy-as-code, strengthening identity and access practices, and enabling secure-by-default cloud operations. 

You will be responsible for:

  • Cloud Architecture & Design – Designing secure-by-default cloud architectures and integrations, ensuring all new infrastructure meets rigorous security standards before deployment. 
  • Identity & Access Management (IAM) – Designing and reviewing cloud IAM strategies by defining roles, least-privilege policies, service accounts, and access boundaries across AWS, Azure, and GCP. 
  • Cloud Configuration Hardening – Locking down storage buckets, network security groups, load balancers, databases, and managed services to prevent accidental exposure and ensure compliance. 
  • DevSecOps & CI/CD Security – Securing the software supply chain by reviewing pipeline permissions, secrets handling, and artifact signing to prevent unauthorized deployments to production. 
  • Threat Modeling & Risk Assessment – Conductin threat modeling sessions with architects to identify structural risks (e.g., compromised roles) and defining security requirements for new features. 
  • Security Automation & Policy-as-Code – AWS‑centric security automation by developing Terraform guardrails, enforcing Policy-as-Code through OPA/Conftest and AWS Service Control Policies (SCPs), and building AWS-native auto‑remediation workflows using AWS Config, EventBridge, Lambda, and SSM Automation to ensure continuous compliance and enforcement of cloud security standards. 
  • Security Monitoring & Alert Triage – Managing the intake of alerts from CSPM, SIEM, and cloud-native tools (GuardDuty, Defender, SCC), distinguishing real threats from operational noise. 
  • Cloud Incident Response – Leading investigations into cloud-specific incidents, including compromised credentials, suspicious API calls, crypto-mining activity, or exposed resources. 
  • Vulnerability Management – Running and analyzing scans for cloud workloads (VMs, containers, serverless) and prioritizing remediation based on contextual risk rather than generic CVSS scores. 
  • Logging & Audit Readiness – Ensuring cloud audit logs are enabled, immutable, centralized, and readily available for forensic investigations and compliance audits. 
  • Cross-Functional Advisory – Serving as a subject matter expert for developer, infrastructure, and platform teams, translating complex security requirements into practical, engineering-focused guidance.
  • Let’s talk about your skills/expertise:

  • Bachelor’s degree in computer science, Information Security, or a related field; advanced degree preferred.
  • Minimum of 8 years of experience in information security, with a demonstrated focus on Cloud Security Architecture, Engineering, and Posture Management.
  • In-depth knowledge of CIS Benchmarks, Cloud Security Alliance (CSA) CCM, and NIST 800-53 as they apply to cloud environments.
  • Extensive experience with CSPM and CNAPP tools (e.g., Wiz, Prisma Cloud, AWS Security Hub), including their deployment, tuning, and integration into ticketing workflows.
  • Deep expertise in AWS security services (IAM, GuardDuty, KMS, SCPs, WAF) and experience securing Kubernetes (EKS) and serverless architectures.
  • Proven experience implementing Infrastructure as Code (IaC) security scans and Policy-as-Code (using Terraform, OPA, or CloudFormation) to enforce security guardrails.
  • Knowledge and experience with development and implementation of security controls for AI/ML infrastructure, including securing data pipelines and LLM integrations.
  • Experience collaborating with DevOps teams to secure CI/CD pipelines and supply chain workflows (Github Actions, GitLab, Jenkins).
  • Strong analytical skills with the ability to conduct cloud forensics and support incident response for complex infrastructure compromises.
  • Excellent communication skills, with the ability to translate technical security risks into practical guidance for developers and platform engineers.
  • Relevant certifications such as AWS Certified Security – Specialty, ISC2 CCSP (Certified Cloud Security Professional), CSA CCSK, or CISSP are highly desirable.
  • Location IN
    Posted 136d ago
    .*
    findatechjob

    Tech jobs straight from company career pages. No recruiters, no middlemen, no spam.

    © 2026 findatechjob · Logos provided by Logo.dev