Security Engineer- Cloud & AppSec - Remote

Security Engineer- Cloud & AppSec - Remote

Job Overview

Baker, Donelson, Bearman, Caldwell, & Berkowitz, PC is seeking a Security Engineer focused on Cloud and Application Security to join our Security team. This role partners closely with IT and Development teams to define, implement, and monitor application and cloud security standards.

Responsibilities

• Collaborate with IT, DevOps, and Business Development teams to establish and maintain application security standards, secure development lifecycles, and baseline security requirements.
• Monitor cloud environments for security posture and recommend improvements.
• Conduct security assessments and reviews of cloud architecture and application configurations to identify risks and recommend solutions.
• Define and document security requirements for application deployments, CI/CD pipelines, and infrastructure-as-code templates.
• Advise on secure design principles and help teams interpret security requirements within software delivery workflows.
• Stay current with cloud security trends, vulnerabilities, and best practices and translate them into actionable guidance.
• Support incident response investigations and remediation planning related to cloud and application security.
• Participate in and contribute to strategic planning initiatives
• Contribute to security operations functions

Qualifications

Required

• 5+ years of experience in cloud security, application security, or cybersecurity engineering.
• Deep knowledge of cloud platforms and cloud security technologies.
• Working knowledge of common programming languages (e.g., C#, JavaScript/TypeScript, SQL) sufficient to review security‑relevant application logic and identify typical implementation weaknesses.
• Hands‑on experience with DevSecOps tooling including SAST, SCA, or DAST solutions to enable lightweight security validation within CI/CD pipelines.
• Familiarity with Azure application security capabilities, such as enforcing HTTPS‑only configurations, leveraging private endpoints, and applying identity‑based access patterns to support secure deployment practices
• Experience collaborating with developers and infrastructure engineers.
• Familiarity with threat modeling, risk assessment