Cloud Security Engineer

Overview:

About AIQ:

AIQ is an Abu Dhabi based joint venture company between Presight and ADNOC, which focuses on developing artificial intelligence technologies. AIQ develops and commercializes AI products and applications for energy world. It aims in providing end-to-end solutions by using its data, cloud and talents to develop AI solutions that seek to reduce costs and generate revenue for its clients. AIQ embodies an innovative and entrepreneurial spirit that embraces challenges to push boundaries and seeks to welcome professionals to its team that share the desire to make meaningful and impactful contributions to its mission. Always on the cutting edge of technology, AIQ provides its talent all the opportunities to thrive and excel. Working at AIQ includes dealing with massive data sets, an AI infrastructure that is powered by the latest NVIDIA GPU cloud computing platform and access to limitless computing, storage and network resources.

About the role: 

As a Cloud Security Engineer, you will play a critical role in designing, implementing, and managing the security posture of our cloud infrastructure. You will lead efforts to safeguard sensitive data, ensure regulatory compliance, and embed security into every stage of our cloud development lifecycle. This is a hands-on technical role with strategic influence, working closely with engineering, DevOps, and compliance teams.

Responsibilities:

1. Cloud Infrastructure Security
   • Design, implement, and manage security controls across AWS, GCP, and Azure environments.
   • Ensure secure configuration and continuous monitoring of cloud resources.
2. Micro-services & Container Security
   • Secure micro-services-based architectures, including APIs, service mesh, and container workloads.
   • Apply best practices for Kubernetes security and container orchestration.
3. CI/CD Pipeline Integration
   • Integrate security tools and processes into CI/CD pipelines to ensure early detection and prevention of vulnerabilities.
   • Automate security checks and compliance enforcement throughout the deployment lifecycle.
4. Threat & Risk Analysis
   • Conduct regular threat modeling and risk assessments to identify and mitigate potential vulnerabilities.
   • Translate business risks into actionable security requirements.
5. Log & Data Analysis
   • Analyze logs, network data, and system behavior to detect anomalies and potential breaches.
   • Utilize SIEM tools and custom analytics for proactive threat detection.
6. Vulnerability Management
   • Perform regular vulnerability assessments and penetration testing using industry-standard tools (e.g., Burp Suite, OWASP ZAP, SonarQube).
   • Drive remediation efforts and verify the closure of identified vulnerabilities.
7. Security Tooling & Innovation
   • Independently trial, evaluate, and deploy new security tools and technologies.
   • Stay ahead of emerging threats and continuously enhance the security toolset.
8. Server and Edge Hardening
   • Apply best practices for server hardening and secure configuration management.
   • Implement edge security controls including WAF, CDN-based protections, and secure DNS.
9. Security Architecture & Strategy
   • Design scalable and resilient security architectures for cloud-native applications.
   • Contribute to the long-term strategic planning of security engineering initiatives.
10. Governance, Compliance, and Policy Enforcement
    • Ensure adherence to relevant compliance standards such as GDPR, HIPAA, NIST.
    • Define and enforce security policies, procedures, and documentation.
11. Incident Response & Recovery
    • Lead incident response efforts, root cause analysis, and forensic investigations.
    • Develop and maintain incident response and disaster recovery plans.
12. Cross-Functional Collaboration
    • Partner with developers, operations, and leadership to embed security into all stages of development and deployment.
    • Educate and support teams on secure coding practices and secure infrastructure provisioning.
13. Performance & Security Optimization
    • Ensure the security controls and solutions do not adversely impact system performance or user experience.
    • Continuously optimize the balance between robust security and operational efficiency.

Qualifications:

Requirements:

• Cloud Expertise: Extensive experience with leading cloud infrastructure providers (AWS, GCP, Azure).
• Micro-services: Comprehensive experience with micro-services architecture.
• CI/CD Integration: Proven experience integrating security solutions in CI/CD pipelines.
• Threat Analysis: Expert ability to perform threat and risk analysis and assess business impacts.
• Log Analysis: Highly proficient in analyzing logs, network data, and other information sources.
• Vulnerability Tools: Extensive experience with vulnerability assessment tools and conducting audits.
• Independent Tool Deployment: Strong ability to independently trial and deploy new security solutions.
• Penetration Testing: In-depth understanding of OWASP, capable of conducting both dynamic and static security testing using tools like Burp Suite, SonarQube, OWASP ZAP.
• Server Hardening: Experience in applying security best practices for server hardening.
• Edge Security: Proven experience in securing edge servers and networks.

Preferred Skills:

• WAF Experience: Deep familiarity with Web Application Firewalls.
• Kubernetes: Significant experience with Kubernetes for container orchestration and security.
• Security Architecture: Experience designing and implementing security architecture for large-scale cloud environments.
• Strategic Planning: Ability to develop long-term strategies for security architecture and engineering.
• Cross-Functional Collaboration: Experience working with cross-functional teams including developers, operations, and executive leadership to ensure comprehensive security solutions.
• Automation: Expertise in automating security processes and integrating them into CI/CD pipelines.
• Compliance and Governance: Strong understanding of compliance standards and governance frameworks (e.g., GDPR, HIPAA, NIST).
• Incident Response: Experience leading incident response efforts and developing incident response plans.
• Performance Optimization: Skills in optimizing security performance without compromising functionality or user experience.