Principal Cloud Security Engineer

TL;DR

Principal Cloud Security Engineer: Designing, configuring, and implementing secure solutions for global cloud infrastructure with an accent on IAM, network segmentation, data protection, and SaaS security strategy. Focus on developing security patterns, automating controls with infrastructure-as-code, and maturing compliance with industry frameworks.

Location: Hybrid in Atlanta, Georgia, USA. Employees are expected to comply with the firm’s most current workplace model, which as of October 1, 2025, includes spending at least four full days each week working in an hirify.global office.

Company

hirify.global is a leading independent global investment firm dedicated to rethinking possibilities for clients by delivering distinctive investment management capabilities.

What you will do

• Design, configure, and implement secure solutions for the firm’s global cloud infrastructure.
• Define cloud security technical requirements including IAM, network segmentation, data protection, and CI/CD security.
• Develop security patterns and controls for Data Loss Prevention (DLP) across cloud, endpoint, and SaaS environments.
• Drive SaaS Security strategy, including secure configuration baselines, CASB/CSPM integrations, and risk assessment.
• Develop and deploy infrastructure-as-code to automate and optimize cloud security controls.
• Perform security threat modeling and design reviews for emerging cloud and SaaS technologies.

Requirements

• 10+ years of information security experience supporting enterprise-scale security engineering and architecture programs.
• 5+ years designing and implementing enterprise cloud security solutions across AWS, Azure, and Oracle.
• Experience with Terraform for deployment automation and security configuration management.
• Proficiency in scripting (Python, PowerShell, JSON).
• Experience developing security standards aligned to frameworks such as SOX, CSA-CCM, DORA, NIST, ISO, GDPR, and SOC1/2.
• Hands-on experience with Data Loss Prevention programs and SaaS Security technologies (CASB, SSPM).
• Extensive experience with AWS native security services including Control Tower, GuardDuty, CloudTrail, Config, and Lambda.
• 5+ years working in DevOps environments with applied Agile practices.
• Willingness to travel domestically and internationally as needed.

Nice to have

• Bachelor’s Degree in MIS or Computer Science.
• Certifications: CISSP, CCSP, CCSK.
• Cloud provider certifications (AWS, Azure, GCP).

Culture & Benefits

• Flexible paid time off and hybrid work schedule (4 days in office).
• 401(K) matching up to 6% with a discretionary supplemental contribution.
• Comprehensive health & wellbeing benefits and parental leave.
• Employee stock purchase plan.
• Commitment to diversity and equal opportunity employment.