What success looks like in this role: 1. Cloud Security Architecture Review Review and evaluate secure architectures for IaaS, PaaS, and SaaS environments across AWS, Azure, and/or GCP. Evaluate and recommend security technologies, controls, and frameworks aligned with cloud-native environments. Participate in solution design reviews to ensure cloud security best practices are embedded in system architectures. 2. Security Operations & Threat Management Configure and manage cloud-native security services (e.g., Microsoft Defender for Cloud, AWS Security Hub, GCP SCC). Monitor cloud environments for threats, misconfigurations, and vulnerabilities. Perform threat modeling, risk assessments, and incident response in coordination with the SOC. 3. Identity & Access Management (IAM) Define and enforce least-privilege access models using role-based access control (RBAC), attribute-based access control (ABAC), and policy-as-code (e.g., Azure Policy, AWS SCPs). Ensure secure integration with Identity Providers (IdPs) and MFA enforcement. Audit permissions and perform access reviews regularly. 4. Compliance & Governance Implement and monitor controls to support compliance with frameworks such as ISO 27001, SOC 2, NIST, CIS, HIPAA, or PCI-DSS. Automate compliance checks using tools like Azure Policy, AWS Config, and custom scripts. Prepare documentation and evidence for audits and risk assessments. 5. Automation & Infrastructure as Code (IaC) Integrate security into CI/CD pipelines and DevOps workflows. Write and review secure IaC templates (e.g., Terraform, Bicep, CloudFormation). Implement automated security testing (SAST/DAST) and vulnerability scanning pipelines. 6. Security Awareness & Collaboration Provide security guidance to development, infrastructure, and DevOps teams. Develop and deliver training or documentation on secure cloud usage and DevSecOps principles. Participate in internal security committees and cloud governance boards. 7. Continuous Improvement & Research Stay up to date with emerging threats, vulnerabilities, and cloud platform changes. Lead security POCs and evaluate new cloud security tools and techniques. Recommend improvements to existing security policies and standards. #LI-SA1 You will be successful in this role if you have: 1. Education & Experience Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field. 5–8+ years of experience in cybersecurity, with at least 3 years focused specifically on cloud security. Proven experience securing cloud platforms such as Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform (GCP). Microsoft Defender for Cloud 2. Technical Skills Strong understanding of cloud security principles and architectures (shared responsibility model, Zero Trust, etc.). Hands-on experience with cloud-native security tools (e.g., Microsoft Defender for Cloud, AWS GuardDuty, GCP SCC). Proficient in Infrastructure as Code (IaC) tools: Terraform, ARM/Bicep, CloudFormation. Experience integrating security into CI/CD pipelines and DevSecOps workflows. Knowledge of network security, container security (e.g., Kubernetes, AKS, EKS), API security, and data protection in the cloud. Familiarity with SIEM and security monitoring tools (e.g., Sentinel, Splunk, Elastic, CloudTrail, CloudWatch). 3. Identity & Access Management Deep knowledge of RBAC, ABAC, OAuth2, OIDC, SAML, and MFA implementations in cloud environments. Experience managing federated identity systems and Privileged Access Management (PAM). 4. Compliance & Risk Working knowledge of compliance standards and security frameworks: ISO 27001, NIST 800-53, SOC 2, CIS Benchmarks, GDPR, HIPAA, or PCI-DSS. Ability to translate technical risks into business impacts and recommend mitigations. 5. Certifications (Preferred) One or more of the following: CCSP – Certified Cloud Security Professional CISSP – Certified Information Systems Security Professional Microsoft Certified: Azure Security Engineer Associate AWS Certified Security – Specialty Google Professional Cloud Security Engineer CISM, CEH, or equivalent Microsoft Azure AZ-104 6. Soft Skills Strong communication and stakeholder management skills. Ability to lead security discussions with technical and non-technical audiences. Analytical and problem-solving mindset with attention to detail. Ability to work independently, lead projects, and mentor junior engineers. #LI-SA1 Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at [email protected] or alternatively Toll Free: 888-560-1782 (Prompt 4). US job seekers can find more information about Unisys’ .