Cloud Security Principal Engineer

Location: Pennsylvania PA

Duration: 6+ Months

Job Type: Contract

Note: Hybrid - 80% remote, 20% onsite. Position is temp to perm. Please only submit candidates with CISSP certiications at this time. The manager is also priortizing candidates with could security certifications. Top 3 Keywords: 1. Cloud Security Engineering (Azure preferred)/Multi-Cloud Security 2. Identity & Access Management (IAM/Entra ID/RBAC) 3. Security Frameworks & Tools (NIST 800-53, HIPAA, PCI-DSS, CIS, SIEM/EDR/CSPM)

Top Required Skills:

• Proven experience securing a multi-cloud environment (Azure preferred).
• Strong cloud identity & access management (IAM) expertise (Entra ID, RBAC, provisioning).
• Deep knowledge of cloud security service lines, security frameworks, and supporting tools (EDR, SIEM, CSPM, Vulnerability Management, etc.).

Must-Have Skills:

• Hands-on experience in cloud security engineering and cloud architecture.
• IAM expertise across cloud/hybrid environments.
• Strong proficiency with cloud security tools: EDR (Defender), SIEM (Sentinel/Splunk), CSPM (Wiz), NAC, NGFWs, encryption.
• Experience with Terraform, PowerShell, automation pipelines, and secure configuration management.
• Strong understanding of NIST 800-53, HIPAA, PCI DSS, CIS Benchmarks, CISA ZTMM, Microsoft CAF, AWS CAF, AWS Well-Architected, Google CAF.
• Experience validating alerts, triaging escalations, and tuning detections with internal teams/MSP.
• Experience writing incident response plans, runbooks, tabletop exercises, and system hardening guides.
• Ability to guide internal stakeholders on InfoSec best practices (cloud, identity, monitoring, data protection).
• Experience supporting audits, compliance, risk remediation, and evidence collection.
• Ability to work independently as a subject matter expert.

Nice-to-Have Skills:

• Experience supporting clinical/healthcare systems security (EHR, Epic, Lawson).
• Knowledge of Active Directory, UNIX, database query techniques, and data analysis.
• PMO/project management skills and familiarity with SDLC methodologies.
• Experience mentoring junior engineers.
• Experience with virtualization technologies.

Key Responsibilities & Duties:

• Design, implement, and optimize multi-cloud security controls, architectures, and service lines.
• Collaborate with engineering, DevSecOps, compliance, and infrastructure teams to secure cloud and hybrid environments.
• Lead security engineering tasks including incident response planning, runbooks, system hardening, and control tuning.
• Support cloud security operations by validating alerts, triaging incidents, tuning detections, and optimizing security tooling.
• Provide security guidance in architecture and governance forums, ensuring alignment with CHOP standards and industry frameworks.
• Lead or support audits, compliance assessments, risk mitigation plans, and documentation requirements.

Requirements:

• Bachelor's degree (Computer Science/Information Systems preferred).
• 12+ years industry experience across IT disciplines; 6+ years in information security, compliance, and risk management.
• 3+ years experience in IAM, RBAC, provisioning, access governance, or security control assessments.
• Experience with multi-cloud architecture, cloud security tools, and virtualization technologies.
• Strong understanding of security regulations, frameworks, and cloud security best practices.