Well Planned, Well Invested, Well Protected®
Cloud Security Engineer
Location
Connecticut + 2 moreAll locations: Connecticut | Massachusetts | Georgia
Posted
6 days ago
Salary
$114.5K - $130K / year
Seniority
Mid Level
Job Description
Cloud Security Engineer
Voya Financial
Role Description Together we fight for everyone’s opportunity for a better financial future. We will do this together — with customers, partners and colleagues. We will fight for others, not against: We will stand up for and champion everyone’s access to opportunities. The status quo is not good enough … we believe every individual and every community deserves access to financial opportunities. We are determined to support both individuals and communities in reaching a better financial future. We know that reaching this future depends on our actions today. Like our Purpose Statement, Voya believes in being bold and committed to action. We are committed to a work environment where the differences that we are born with — and those we acquire throughout our lives — are understood, valued and intentionally pursued. We believe that our employees own our culture and have a responsibility to foster an environment where we all feel comfortable bringing our whole selves to work. Purposefully bringing our differences together to positively influence our culture, serve our clients and enrich our communities is essential to our vision. Are you ready to join a company with a strong purpose and a winning culture? Start your Voyage – Apply Now This role is remote with the expectation that candidates are based near one of the following Voya office locations: Windsor, CT; Boston, MA; or Atlanta, GA. Voya is seeking a Senior IT Security Specialist to strengthen our SaaS Security Posture Management (SSPM) , Cloud Security Posture Management (CSPM) , and container security capabilities across a rapidly evolving hybrid cloud and SaaS ecosystem. This role will partner closely with Cloud, DevSecOps , Application Security, and Platform Engineering teams to identify, assess, and remediate security risks across SaaS platforms, public cloud infrastructure, and containerized workloads. The ideal candidate brings strong hands-on experience with cloud-native security controls, automation , Infrastructure-as-Code (IaC) , Policy-as-Code (PaC) , and modern security tooling. Experience with CrowdStrike Falcon Shield , Palo Alto Prisma , Cortex or similar platforms is highly desirable. Familiarity with AI Security Posture Management (AI-SPM) and MLOps security is a strong plus as Voya continues to expand its AI-enabled capabilities. Qualifications - 5+ years of experience in information security, with strong focus on cloud and SaaS security. - Hands-on experience with Cloud Security Posture Management (CSPM) in AWS and/or Azure. - Experience with SaaS Security Posture Management (SSPM) tools such as: - CrowdStrike Falcon Shield - Palo Alto (SaaS / Prisma-related capabilities) - or similar platforms - Strong understanding of container security and Kubernetes environments. - Proficiency in scripting and automation (Python, PowerShell, Bash). - Practical experience with Infrastructure-as-Code (IaC) and Policy-as-Code (PaC). - Solid understanding of IAM, identity federation, least-privilege access, and SaaS permissions models. - Ability to work cross-functionally with cloud, DevOps, AppSec, and platform teams. Requirements - Support SaaS Security Posture Management (SSPM) initiatives across enterprise SaaS platforms. - Configure, operate, and tune SSPM/CSPM tools to identify misconfigurations, excessive permissions, and risky integrations. - Support and mature CSPM capabilities across AWS and Azure, including continuous monitoring and risk prioritization. - Partner with application owners to drive remediation of SaaS and cloud security findings. - Secure cloud-native workloads across AWS and Azure using native and third-party security controls. - Support container and Kubernetes security, including image scanning, runtime protections, and policy enforcement. - Collaborate with DevSecOps teams to embed security controls into CI/CD pipelines. - Develop and maintain security automation using scripting languages (Python, PowerShell, Bash). - Implement and review Infrastructure-as-Code (Terraform, ARM, CloudFormation) with a security-first mindset. - Design and enforce Policy-as-Code (OPA, Sentinel, native cloud policies) to prevent insecure deployments. - Enable shift-left security by integrating controls early in the development lifecycle. - Contribute to emerging AI Security Posture Management (AI-SPM) efforts. - Partner with platform and data teams to assess and secure MLOps pipelines, models, and supporting infrastructure. - Help define guardrails for AI usage, data access, and model governance. - Translate technical findings into actionable risk insights for remediation. - Support audits, risk assessments, and regulatory inquiries related to cloud and SaaS security. - Stay current on emerging threats, SaaS attack patterns, cloud security trends, and AI security risks. - Mentor junior team members and influence secure-by-design practices across the organization. Benefits - Health, dental, vision and life insurance plans - 401(k) Savings plan – with generous company matching contributions (up to 6%) - Voya Retirement Plan – employer paid cash balance retirement plan (4%) - Tuition reimbursement up to $5,250/year - Paid time off – including 20 days paid time off, nine paid company holidays and a flexible Diversity Celebration Day. - Paid volunteer time — 40 hours per calendar year
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Information System Security Manager – ISSM
Game Plan TechMission-driven engineering firm helping government teams innovate.
• Own the full RMF lifecycle from system categorization through ATO and continuous monitoring • Author and maintain SSPs, POA&Ms, SARs, and SCTM documentation • Coordinate with government AOs, SCAs, and ISSOs across programs • Manage NIST SP 800-53 control implementation, testing, and evidence collection • Govern the security posture of AI and ML systems operating within classified enclaves • Assess novel risks introduced by LLMs and agentic workflows in DoW environments • Apply DISA STIGs and DoW cloud SRG requirements across IL4–IL6 deployments • Support JSIG and ICD 503 requirements where SAP/SCI accreditation applies • Interpret evolving guidance — CMMC 2.0, NSM-8, DoW AI Ethics Principles — and translate into action before it becomes mandatory • Define security approval pathways for AI tools where none yet exist • Build lightweight security review processes that enable engineering teams rather than blocking them • Serve as the primary liaison with government ISSOs, AOs, and DCSA representatives • Communicate risk clearly to non-security audiences including engineers and program leads • Mentor junior ISSOs and build security-awareness culture across the organization
• Design, deploy, and manage enterprise network security solutions • Configure and administer Fortinet, SonicWall, and Palo Alto firewalls • Implement and maintain VPNs, IPS/IDS, web filtering, NAT, ACLs, and segmentation policies • Monitor security events using SIEM, XDR, and SOC monitoring platforms • Investigate security incidents, perform threat analysis, and support incident response activities • Manage firewall policies, security rules, and compliance controls • Implement Zero Trust Network Access (ZTNA) and identity-based security controls • Support cloud security initiatives across AWS, Azure, and hybrid infrastructure • Configure and support SD-WAN and Secure Access Service Edge (SASE) solutions • Conduct vulnerability assessments and remediation activities • Collaborate with infrastructure, cloud, and application teams to secure enterprise environments • Maintain security documentation, diagrams, SOPs, and audit records • Participate in on-call rotations and critical incident handling
Senior Product Security Engineer – Network and Infrastructure
CrowdStrikeCrowdStrike has redefined security with the world’s most advanced cloud-native platform that protects and enables the people, processes and technologies that drive modern enterprise. Tested and proven, the world's largest organizations trust CrowdStrike to stop breaches with unparalleled protection against the most sophisticated cyberattacks. The CrowdStrike culture has been built upon our Core Values since the day we began. We are Fanatical About the Customer, Relentlessly Focused on Innovation and believe that our Limitless Passion drives Unlimited Potential for every CrowdStriker. As a purpose-built remote-first company, we believe cultivating a connected culture for every employee, no matter where they are in the world, is a key ingredient in building a high-performing, diverse team. We don’t have a mission statement. We’re on a mission—to stop breaches. Ready to join a mission that matters?
• Develop and maintain a comprehensive understanding of CrowdStrike's hybrid networks spanning public cloud (AWS, GCP, Azure) and physical data centers, continuously assessing attack surface and identifying security gaps. • Design and architect new network connection patterns and zone segmentation strategies that reduce risk while enabling product scalability. • Build scalable monitoring, alerting, and automation solutions targeting network security risks across a fast-moving, dynamic environment. • Lead threat modeling efforts focused on network architecture, data flows, and connectivity patterns across platform services. • Evaluate current threat landscape and business priorities to effectively sequence and drive the highest-impact security improvements. • Lead complex, cross-team security initiatives with broad impact across the product group. • Contribute to medium-term strategic direction for network security; proactively identify areas of greatest need and develop actionable plans to address them. • Provide architectural and design expertise that accounts for the broader platform picture, not just point-in-time solutions. • Serve as an internal authority on network security architecture within CrowdStrike's product organization. • Volunteer for and lead working groups and initiatives that have impact at the Product team level or broader industry level. • Partner closely with product engineering, infrastructure, and platform teams to understand scaling requirements and translate them into secure-by-design network architectures. • Work across organizational boundaries to facilitate alignment on security requirements, driving consensus on complex and ambiguous problems. • Clearly communicate decisions and architectural direction to both technical and non-technical stakeholders once alignment is reached. • Serve as a role model for security culture and best practices within your functional area. • Multiply the effectiveness of the broader team by facilitating cross-team knowledge sharing and collaboration. • Guide and develop technical talent through coaching, code reviews, and architectural deep-dives. • Contribute to the growth of the security organization by mentoring team members and helping refine technical interviewing standards.
• Build detections and security signal pipelines in Datadog. • Serve as the subject matter expert on AWS Cloud and on-prem infrastructure security. • Define and set up AWS and on-prem Security Monitoring/Best Practices Strategy. • Act as the technical lead during security incidents, including investigation and remediation. • Improve Terraform Modules and Infrastructure as Code (IaC) to follow security best practices. • Develop and implement a vulnerability monitoring strategy and integrate it into CI/CD pipelines. • Build security automation using Python, scripting, and APIs. • Partner with Infrastructure on AWS security engineering, including IAM, KMS, and network segmentation. • Operate SOC 2 Type 2 evidence collection and audit response. • Drive ISO 27001 implementation work, including risk assessments and control mapping. • Ensure infrastructure compliance with regulatory requirements. • Run vendor and subprocessor risk reviews. • Respond to customer security questionnaires and external inquiries. • Mentor and enable other team members to improve their security posture.
