Orienta | Talent & Performance · 1 month ago
Principal Cloud Security Engineer (LATAM)
United States
Full-time
Remote
Lead/Staff
10+ years expOrienta is partnering with a global technology company that builds an end-to-end Human Capital Management (HCM) platform used by organizations worldwide. The Principal Cloud Security Engineer will serve as a hands-on technical expert, responsible for designing and implementing security controls across multiple cloud environments, primarily Azure and AWS, while ensuring compliance with global regulatory requirements.
Human Resources
Responsibilities
Lead end-to-end implementation of CNAPP solutions (Wiz) across Azure and select AWS environments, including policy design, tuning, and operational workflows
Harden cloud environments through identity and access controls, Azure Policies, network segmentation, and cloud-native security tooling
Develop and maintain secure IaC and DevSecOps practices—integrating security into CI/CD pipelines (Terraform, GitHub Actions, etc.), artifact signing, SBOMs/attestations
Translate frameworks such as FedRAMP, NIST, CIS, and PBMM into technical controls, automated evidence collection, and continuous monitoring
Define policy-as-code patterns and reusable Terraform modules to prevent misconfigurations before deployment
Partner with product, engineering, and platform teams to design secure cloud architectures and participate in design reviews
Act as a trusted advisor to cloud, operations, and executive teams—communicating risk, trade-offs, and priorities
Mentor junior engineers and contribute to a culture of security-first thinking
Collaborate with SecOps and AppSec teams to triage findings, evaluate risk, and drive remediation across vulnerabilities, identities, data, and workloads
Use metrics and KPIs to measure posture improvements and demonstrate business impact
Qualification
Required
Bachelor's degree in Computer Science, Engineering, Cybersecurity, or equivalent experience
10+ years in security engineering or security architecture, with deep experience in cloud security (preferably in SaaS or technology companies)
Hands-on expertise with CNAPP platforms (Wiz or similar), including rollout, policy design, tuning, and automation
Microsoft Defender for Cloud and Azure security services (Entra ID, RBAC, Key Vault, networking, monitoring)
Multi-cloud (Azure and AWS)
DevSecOps practices, including pre-merge security checks, image scanning, artifact signing, SBOM/attestations
Production-grade IaC using Terraform Enterprise/Terraform Cloud (modules, registries, policy-as-code, drift management)
Kubernetes/containers (AKS/EKS), image signing, runtime protection, and registry security
Security automation using Python or PowerShell
Experience with KRIs/KPIs and tuning policies against frameworks (CIS, NIST, STIG)
Compliance and security engineering for FedRAMP, PBMM, ISO 27001, SOC 2, or similar regulated environments
Influencing product, engineering, and executive stakeholders
Operating independently with strong ownership and accountability
Preferred
Azure certifications (AZ-500, SC-100, SC-200) highly preferred
Industry certifications such as CISSP or CCSP
DevOps experience with infrastructure/cloud/application pipelines
Experience with SAST/DAST tooling, penetration testing, or security scanning
Knowledge of LLMs and experience building generative AI–powered automation or agents
Programming experience with Python, Java, .NET, C#, Rego, YAML
Benefits
Competitive compensation, perks, and recognition programs
Flexible time-off and well-being benefits
Diversity, equity & inclusion programs that foster belonging
Volunteer opportunities and community engagement
Continuous learning, training support, and paid certifications to accelerate your career growth
Company
Orienta | Talent & Performance
At Orienta, we connect purpose-driven talent with companies shaping the future.
2-10 employees
Funding
Current Stage
Early StageCompany data provided by crunchbase