The Cloud Centre of Excellence (CCoE) team of highly skilled professionals dedicated to advancing GGL’s cloud computing capabilities. The CCoE team is responsible for leading and facilitating the adoption of cloud technologies and practices across GGL. As a Cloud Security Enginee r, you will contribute to ensuring the security of cloud-based infrastructures and applications within the organization, with a focus on implementing Shift Left security practices and integrating security into Infrastructure as Code (IaC) methodologies. Your responsibilities will include assessing, implementing, and managing security controls to protect cloud environments from the earliest stages of development, leveraging automation and orchestration techniques inherent to IaC practices. This position requires a solid understanding of cloud technologies, security best practices, and the ability to embed security into the development lifecycle and IaC workflows. Responsibilities : Contribute to the implementation of Shift Left security practices within the organization, integrating security into the earliest stages of the development lifecycle. Collaborate with development teams to embed security controls, such as code scanning, vulnerability assessment, and secure coding practices, into CI/CD pipelines and IaC workflows. Conduct security assessments of Infrastructure as Code (IaC) templates and configurations to identify vulnerabilities, misconfigurations, and security risks. Perform static code analysis and automated security scans to identify and remediate security issues early in the development process. Implement security controls and measures within IaC scripts and configurations to protect cloud resources. Embed security best practices, such as IAM policies, encryption, network security rules, and access controls, directly into IaC templates and deployment pipelines. Monitor IaC deployments for security incidents and respond promptly to security alerts and breaches. Develop incident response procedures specific to IaC environments and coordinate response efforts with development and operations teams. Develop and implement automation solutions for security tasks and processes within IaC pipelines. Utilize tools and frameworks such as Terraform, AWS CloudFormation, or Azure Resource Manager to automate security controls deployment, configuration management, and compliance checks within IaC workflows. Ensure that IaC templates and deployments comply with relevant regulatory requirements, industry standards, and organizational policies. Collaborate with compliance teams to conduct audits, assessments, and reviews specific to IaC security. Provide security awareness training and guidance to development and DevOps teams on integrating security into the development process and IaC workflows. Educate teams on secure coding practices, security controls implementation, and compliance requirements for IaC environments. Maintain accurate documentation of security configurations, policies, procedures, and incident response activities related to development environments and IaC deployments. Generate reports on Shift Left security and IaC security metrics, compliance status, and incident trends for management and stakeholders. Job requirements Bachelor’s or master’s degree in computer science, Software Engineering, or a related field. Minimum of 2 to 3 years of professional experience in Cloud Security Engineering with a strong focus on IAC, shift left and incident response Strong understanding of cloud computing concepts and architectures, with experience working with both Azure and AWS cloud platforms. Solid understanding of infrastructure as code principles and practical experience Excellent communication skills with the ability to effectively collaborate with cross-functional teams and stakeholders Strong troubleshooting and problem-solving skills with the ability to debug complex issues in a distributed environment. Familiarity with CI/CD concepts and experience with tools like Jenkins, GitLab CI/CD, or AWS CodePipeline Knowledge of security principles, practices, and technologies, including network security, encryption, identity, access management (IAM), and security monitoring Proficiency in security monitoring and incident response tools and technologies, such as SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions. Experience implementing and managing security controls in cloud environments, including IAM policies, firewall rules, encryption keys, and security groups. AWS certifications such as AWS Certified Cloud Practitioner, AWS Certified Security Specialty, and AWS Certified Solutions Architect. Azure certifications such as Azure Security Associate, Azure Cybersecurity Architect Expert Games Global is committed to fostering a diverse and inclusive work environment. We are an equal opportunity employer and welcome applicants from all backgrounds, experiences, and communities. We do not discriminate based on race, colour, religion, gender, sexual orientation, age, national origin, disability, neurodiversity or any other protected status. Our dedication to promoting diversity, multiculturalism, and inclusion is clearly reflected across all our teams. Join us, and be a part of an organization that is truly committed to creating a level playing field for everyone. Kindly be aware that in order to be employed at Games Global, you need to be 18 years of age or older, in accordance with our industry requirements. #J-18808-Ljbffr