Security Engineer (Cloud Security)

Workato is seeking a talented Cloud Security Engineer with deep expertise in Cloud Security Posture Management (CSPM) and a strong focus on AWS cloud security to join our expanding Security team. In this role, you will be responsible for continuously monitoring, evaluating, and enhancing the security posture of our AWS cloud environment.

Requirements

• 3 to 6 years of experience in cloud security, with a focus on AWS environments and CSPM tools.
• Strong knowledge of AWS services, security controls, and shared responsibility model.
• Proven experience with CSPM platforms such as Wiz, Prisma Cloud, Dome9, Lacework, or AWS Security Hub.
• Expertise in identifying and remediating cloud misconfigurations and vulnerabilities.
• Experience developing security automation using scripting languages (Python, PowerShell) or cloud-native tools (AWS Lambda, CloudFormation).
• Hands-on experience in incident response and participation in on-call rotations.
• Familiarity with compliance frameworks like CIS benchmarks, SOC 2, ISO 27001, and GDPR.
• Strong understanding of Infrastructure as Code (IaC) concepts and experience writing IaC templates using tools like Terraform, CloudFormation, or Ansible.
• Experience integrating IaC security scanning tools (e.g., Checkov, tfsec, Terrascan) into CI/CD pipelines to automate detection of misconfigurations and enforce security compliance.
• Ability to write and maintain IaC security policies to enforce organizational security standards, including defining, testing, and updating policies for continuous compliance.
• Relevant certifications such as AWS Certified Security – Specialty, Certified Cloud Security Professional (CCSP), or equivalent.
• Strong collaboration and communication skills to work effectively across teams.
• Willingness to travel occasionally as required.