[Remote] Cloud Security Engineer V
Note: The job is a remote job and is open to candidates in USA. Hanger, Inc. is the world's premier provider of orthotic and prosthetic services and products, focused on empowering human potential. The Cloud Security Engineer V role involves designing, implementing, and supporting the cloud environment while ensuring secure migration from on-premise data centers to the cloud, collaborating with cross-functional teams to embed security into software development and operations.ResponsibilitiesDesign, develop, and implement cloud security architecture solutions in Microsoft Azure aligned with business objectives, technical requirements, and industry frameworks (e.g., NIST CSF, CIS Benchmarks)Build and maintain security automation using Infrastructure as Code (IaC) tools such as Terraform, Bicep, or ARM templates to ensure consistent, repeatable, and auditable deploymentsArchitect and implement cloud-native security controls including network segmentation, micro-segmentation, encryption at rest and in transit, and secrets managementPartner with IT Infrastructure and Enterprise Architecture teams on the migration strategy for moving on-premise data centers to Microsoft Azure, ensuring environments are secure, compliant, and resilient from day oneEvaluate and remediate security risks across hybrid and cloud-native architectures throughout the migration lifecycleImplement and manage Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) tooling to maintain continuous visibility and complianceCollaborate with development and platform engineering teams to embed security into CI/CD pipelines, including static/dynamic code analysis (SAST/DAST), container image scanning, dependency vulnerability scanning, and automated policy enforcementWrite production-quality code and automation scripts (Python, PowerShell, Bash, or Go) to build security tooling, automate remediation workflows, and integrate security controls across cloud servicesChampion secure software development practices across engineering teams, including threat modeling, secure code review, and security architecture assessmentsSupport the adoption of policy-as-code and detection-as-code practices to enforce security standards programmaticallyLead the design, development, and implementation of a cloud-based IAM strategy, including Zero Trust principles, least-privilege enforcement, conditional access, and identity governanceManage and optimize identity platforms (e.g., Microsoft Entra ID), role-based access control (RBAC), privileged access management (PAM), and authentication protocols (OAuth 2.0, SAML, OIDC)Implement and tune cloud-native monitoring, logging, and alerting using tools such as Microsoft Sentinel or equivalent SIEM/SOAR platformsDevelop and enforce cloud security policies, standards, and procedures, and maintain audit readiness for applicable compliance frameworksStay current with emerging technologies, threat vectors, and industry trends β including AI-driven threat detection, container and serverless security, and evolving regulatory requirementsAct as a subject matter expert, providing technical guidance and mentorship to other engineers and cross-functional team membersSkills8 - 10+ years of progressive experience in IT, cybersecurity, or cloud engineering, and 10 years of hands-on experience in Microsoft Azure security architecture and operationsDemonstrated experience in software development or platform engineering, with working proficiency in at least two of the following: Python, PowerShell, Go, Bash, or TypeScriptProven track record of designing and implementing IaC-driven cloud environments using tools such as Terraform, Bicep, or ARM templatesHands-on experience integrating security tooling into CI/CD pipelines (e.g., GitHub Actions, Azure DevOps, GitLab CI) and working within DevSecOps workflowsProven success leading or significantly contributing to data center-to-cloud migration initiativesSuccess with AI/ML workload security or securing generative AI deploymentsBachelor's degree in Computer Science, Software Engineering, Information Technology, Cybersecurity, or a related field (or equivalent professional experience)At least one active cloud security certification is required: CCSP, CISSP, Microsoft Certified: Cybersecurity Architect Expert (SC-100), AZ-500 (Azure Security Engineer Associate), or equivalentMust have, or be eligible to obtain, a valid driver's license and driving record within the standards outlined within Hanger's Motor Vehicle Safety Policy and ProceduresDeep expertise in cloud IAM, including Zero Trust architecture, identity governance, conditional access, privileged access management, and modern authentication protocolsStrong knowledge of cloud-native security services and tooling: CSPM, CNAPP, SIEM/SOAR, endpoint protection, and threat intelligence platformsStrong understanding of container and orchestration security (Docker, Kubernetes), including image scanning, runtime protection, and workload isolationFamiliarity with security frameworks and standards (NIST CSF, CIS Controls, ISO 27001, SOC 2) and their application in cloud environmentsWorking knowledge of AI-driven security tools and an understanding of how machine learning is applied to threat detection, behavioral analytics, and automated incident responseExpertise in data protection strategies including encryption, key management, data classification, and data loss prevention in cloud environmentsExcellent analytical and problem-solving skills, with the ability to evaluate complex systems and design pragmatic security solutionsFlexible and collaborative with a proven ability to build consensus among cross-functional teams and influence technical decision-makingStrong written and verbal communication skills, with the ability to present complex security topics to both technical and non-technical audiencesDemonstrated ability to mentor engineers and elevate security awareness across an organizationAct with integrity in all ways and at all times, remaining honest, transparent, and respectful in all relationshipsKeep the patient at the center of everything that you do, building lifelong trustFoster open collaboration and constructive dialogue with everyone around youContinuously innovate new solutions, influencing and responding to changeFocus on superior outcomes, and calibrate work processes for outstanding resultsAdditional certifications in cloud engineering, DevSecOps, or AI security are a strong plus (e.g., AZ-305, Terraform Associate, Certified Kubernetes Security Specialist)BenefitsAnnual bonus: up to 15% of base pay depending on bonus criteriaCompetitive Compensation Packages8 Paid National Holidays & 4 additional Floating HolidaysPTO that includes Vacation and Sick timeMedical, Dental, and Vision Benefits401k Savings and Retirement PlanPaid Parental Bonding Leave for New ParentsFlexible Work Schedules and Part-time OpportunitiesGenerous Employee Referral Bonus ProgramMentorship Programs- Mentor and MenteeStudent Loan Repayment Assistance by LocationRelocation AssistanceRegional & National traveling CPO/CO/CP opportunitiesVolunteering for Local and National events such as Hangerβs BAKA Bootcamp and EmpowerFestCompany OverviewHeadquartered in Austin, Texas, Hanger, Inc. is a leading provider of orthotic and prosthetic (O&P) patient care services and products. It was founded in 1861, and is headquartered in Austin, Texas, USA, with a workforce of 5001-10000 employees. Its website is https://corporate.hanger.com/.Company H1B SponsorshipHanger, Inc. has a track record of offering H1B sponsorships, with 2 in 2025, 1 in 2024, 1 in 2022. Please note that this does not guarantee sponsorship for this specific role.