Senior Cloud Security Engineer; L2

Sr. Cloud Security Engineer plays a key role in securing the organization’s multi-cloud environment by enhancing visibility, compliance, and threat detection through Cloud Security Posture Management (CSPM) and workload protection tools. This role supports the onboarding and optimization of CSPM solutions, helping to identify and remediate security risks while ensuring alignment with best practices.

Working closely with the Global Information and Cyber Security Defense (ICSD) team, the engineer will manage and maintain cloud security platforms, triage and fine‑tune alerts, and support incident response efforts. The ideal candidate combines strong analytical skills with hands‑on cloud experience to enable secure and scalable cloud adoption across the organization.

In addition, the individual will contribute to the broader Security Engineering team
, supporting the development and maintenance of the organization’s security infrastructure. The ideal candidate combines a deep understanding of cybersecurity operations with a strong background in Cloud Security to build scalable, resilient, and secure systems.

Note that visa employment-based non‑immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.

• Serve as the subject matter expert for WTW's CSPM and CWPP tools, managing daily operations, integrations, and ongoing optimization.
• Administer, maintain, fine‑tune, and automate threat and vulnerability management in the cloud using the CSPM solution
• Continuously refining detection rules and operational alerts within WTW’s broader cloud security platforms to improve signal‑to‑noise ratio and enhance incident response effectiveness
• Implement and manage Cloud Security Tools.
• Leverage CSPM insights to identify emerging threats and misconfigurations in cloud environments (AWS, Azure, GCP).
• Work with internal Security, Dev Ops, and Engineering teams to ensure compliance and remediation of cloud security findings.
• Conduct cloud security risk assessments and drive remediation based on findings.
• Develop dashboards and reports using Cloud tools to measure cloud security posture, effectiveness, and trends.
• Maintain and enhance security monitoring, logging, and incident response capabilities for cloud environments (AWS, Azure, GCP)
• Support the administration and management of security tools within the Security Engineering team.
• Create technical documentation and deliver enablement sessions to enhance security awareness and practices within engineering teams.

Qualifications

• 5+ years of experience in Information Security, Cloud Security, or Security Engineering.
• Strong understanding of Azure configuration for securing resources and knowledge of compliance standards such as CIS, NIST, and ISO.
• Proficiency in CSPM tools such as Microsoft Defender for Cloud, Wiz, Orca, Check Point Cloud Guard, or similar.
• Strong understanding of cloud security frameworks and standards (CIS, NIST, CSA, MITRE ATT&CK).
• Experience with cloud-native security controls, including IAM, KMS, VPC security, encryption, logging, and monitoring.
• Experience with SIEM/analytics tools (e.g., Microsoft Sentinel, Splunk), particularly in the context of policy configuration, fine‑tuning, and SOAR platforms.
• Functional knowledge of Power Shell, Azure Automation, Kusto Query Language (KQL), and terraform.
• Deep understanding of CI/CD pipelines and integrating security into Dev Ops workflows.
• Proven ability to deploy, configure, and maintain CSPM and CWPP tools in production environments.

• Strong communication and collaboration skills, with proven experience working in cross‑functional global teams.
• Strong problem‑solving and critical thinking skills for addressing security issues and finding effective solutions.
• Outstanding written and verbal communication skills.
• Ability to work both independently and collaboratively in a fast‑paced environment.
• Strong communication skills, with the ability to explain security concepts to non‑technical stakeholders.

• Microsoft Certified:
  Azure Security Engineer Associate (
  AZ-500
  )
• Microsoft Certified:
  Security, Compliance, and…