We are looking for a Senior Cloud Security Engineer to join the team focusing on strengthening cloud security by implementing Infrastructure as Code (IaC) security, container security, and host scanning solutions. This role will be key in integrating security into CI/CD pipelines, managing Prisma Cloud, and ensuring security best practices across cloud environments.

We are working closely with a leading client from the financial sector, where our Security Practice plays a critical role. The engagement involves integrating security across cloud infrastructure, CI/CD pipelines, and containerized environments. The focus is on automating security controls, improving cloud security posture, and ensuring compliance through Prisma Cloud, Terraform, and other cloud-native security solutions.

Responsibilities

• Integrate IaC scanning into CI/CD systems, such as Terraform Enterprise
• Implement security scanning within IDEs like Visual Studio Code and IntelliJ, including inline fix suggestions
• Develop, enforce, and manage custom IaC security policies
• Identify and remediate IaC vulnerabilities and misconfigurations
• Create, maintain, and improve the documentation related to security measures and protocols
• Deploy and manage host defenders across multiple cloud environments
• Implement agent-based container security solutions in Kubernetes clusters
• Integrate container image scanning tools with CI/CD tools, such as twistcli, GitHub Actions, Bamboo, and Jenkins
• Configure and enforce trusted image policies and container security best practices
• Generate weekly reports on GCP asset scanning status using Prisma Cloud
• Document and analyze security issues utilizing Prisma Cloud
• Assess Prisma Cloud agent impacts and performance in cloud setups
• Support and validate security baselines and policies across various platforms and environments
• Craft architectural recommendations, deployment notes, and handover documentation
• Engage in regular business-as-usual (BAU) security tasks as needed

Requirements

• Proficiency in cloud security focusing on Google Cloud Platform (GCP)
• Hands-on experience with Cloud Security Posture Management (CSPM) and implementing security frameworks
• Expertise in utilizing Terraform for Infrastructure as Code (IaC) and security automation
• Competency in Google Kubernetes Engine (GKE) security, including container scanning and policy enforcement
• Proficient with Prisma Cloud for cloud security monitoring, compliance, and risk assessment
• Experience integrating security controls into CI/CD pipelines like Jenkins, Bamboo, and GitHub Actions
• Strong knowledge of network security principles and best practices in cloud environments
• Ability to document security architectures, strategies, and remediation steps clearly and comprehensively
• Strong problem-solving skills with the capability to assess and address security risks effectively

Nice to have

• Familiarity with Atlassian Bamboo and Jenkins for secure CI/CD automation
• Background in Financial Services Security and regulatory compliance like PCI-DSS and SOC 2
• Hands-on experience with vulnerability management tools and methodologies
• Relevant certifications such as Google Professional Cloud Security Engineer, CKS, or CISSP

We offer

• We gather like-minded people:
  • Engineering community of industry professionals
  • Friendly team and enjoyable working environment
  • Flexible schedule and opportunity to work remotely within Poland
  • Chance to work abroad for up to 60 days annually
  • Relocation within our 50+ offices
• We provide growth opportunities:
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills, and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, Cloud Guru
  • Language classes in English and Polish for foreigners
• We cover it all:
  • Stable income (Employment Contract or B2B)
  • Participation in the Employee Stock Purchase Plan
  • Benefits package (health insurance, multisport, shopping vouchers)
  • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
  • Referral bonuses
  • Corporate, social and well-being events
• Please, note:
  • The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview
  • We will reach out to selected candidates exclusively

About EPAM

EPAM is a leading global provider of digital platform engineering and development services. For over 30 years, our team has helped leading brands navigate the waves of digital transformation, building solutions that help them stay competitive through constant market disruption.

With offices in 55+ countries, EPAM has grown in Latvia to over 888+ talented innovators in 3 years. We foster creativity and unconventional ways of doing things, welcoming like-minded professionals to join us.

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.