Cloud Engineer Europe Full time USA

Cloud Application Security Engineer, Hexagon

March 10, 2025
Staff AJL

Cloud Application Security Engineer, Hexagon

Company Hexagon Manufacturing Intelligence
Job title Cloud Application Security Engineer
Job location US and UK – Remote
Type Full Time

Responsibilities:

  • Security Assessment: Conduct security assessments and penetration testing of cloud-based applications to identify vulnerabilities and risks.
  • Cloud Security Architecture: Collaborate with DevOps and IT teams to design and implement secure cloud architectures, ensuring best practices and compliance with industry standards.
  • Threat Modeling: Develop and maintain threat models and security risk assessments for cloud applications.
  • Security Tools: Collaborating with the Corporate Security team, implement and manage security tools and technologies to enhance the security posture of our cloud environments.
  • Incident Response: Collaborating with the Corporate Security team, assisting in the development and execution of incident response plans, and participating in security incident investigations.
  • Policy Development: Develop and enforce security policies, procedures, and standards for cloud applications.
  • Training and Awareness: Collaborate with the Corporate Security team, to conduct security training and awareness sessions for development and operations teams to promote a security-first culture.
  • Compliance: Ensure cloud applications comply with relevant security standards and regulations (e.g., GDPR, ISO 27001, SOC 2).

Requirements & Skills:

  • Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
  • Minimum of 5 years of experience in application security, with a focus on cloud environments.
  • Minimum of 2 years of experience with web application development or
  • Certifications: Relevant security certifications such as GCLD and GWEB (or equivalent) are essential. Management certifications such as CISSP, CCSP,  or equivalent are preferred.
  • Proficiency with cloud platforms such as Azure, AWS, or Google Cloud.
  • Demonstrable knowledge of Identity and Access Management skills and technologies.
  • Experience with security tools and technologies (e.g., SAST, DAST, SCM, WAF).
  • Strong understanding of secure software development practices and DevSecOps principles.
  • Proficiency in multiple programming languages
  • Familiarity with containerization and orchestration technologies (e.g., Docker, Kubernetes).
  • Familiarity with security frameworks such as OWASP and standards like ISO 27001
  • Understanding of web application architecture
  • Ability to dig deep and focus on the details

apply for job button