DescriptionM&A Cloud Security Associate DirectorPosition SummaryWe are seeking an experienced Cloud Security Expert to lead the design, implementation, and continuous improvement of cloud security controls across multi-cloud environments. This role will be for a 6/12 month contract. This role will focus on Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), and Cloud-Native Application Protection Platform (CNAPP) using tools such as Microsoft Defender for Cloud, Wiz, or CrowdStrike.The ideal candidate will have hands-on expertise in cloud security architecture, threat detection, and compliance enforcement, combined with strong knowledge of identity, network, and workload security in Azure, AWS, and GCP environments.Key ResponsibilitiesCloud Security Architecture & GovernanceDefine and maintain multi-cloud security architectures aligned with organizational security strategy and compliance requirements.Develop and enforce cloud security policies, standards, and guardrails for Azure, AWS, and GCP.Conduct threat modeling and risk assessments for new cloud services and workloads.Security Posture Management & ToolingDeploy, configure, and optimize Microsoft Defender for Cloud, Wiz, or CrowdStrike for CSPM, CWPP, and CNAPP capabilities.Integrate security findings into SIEM/SOAR workflows and drive remediation with engineering teams.Implement cloud-native security services such as Azure Policy, AWS Security Hub, and GCP Security Command Center.DevSecOps & AutomationEmbed security into CI/CD pipelines using GitHub Actions, Azure DevOps, or Jenkins.Implement policy-as-code and IaC security scanning for Terraform, Bicep, and CloudFormation templates.Automate security controls and compliance checks using Python, PowerShell, or equivalent scripting languages.Identity, Access & Network SecurityDesign and enforce least privilege IAM policies, role-based access control, and conditional access across cloud platforms.Implement network segmentation, private endpoints, and firewall policies to secure workloads.Monitoring, Detection & Incident ResponseConfigure and monitor Defender for Cloud, Wiz, or CrowdStrike dashboards for anomaly detection and threat alerts.Lead cloud security incident investigations, root cause analysis, and remediation efforts.Required QualificationsBachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).5+ years of experience in cloud security, with strong expertise in Azure and exposure to AWS/GCP.Hands-on experience with Microsoft Defender for Cloud, Wiz, or CrowdStrike for CSPM, CWPP, and CNAPP.Strong knowledge of IAM, encryption, network security, and container security in cloud environments.Experience with DevSecOps practices, including IaC security and pipeline integration.Familiarity with compliance frameworks (CIS, NIST, ISO 27001, SOC 2).Scripting proficiency in Python or PowerShell.Preferred QualificationsCertifications: Azure Security Engineer Associate, CCSP, or CISSP.Experience with Zero Trust Architecture and micro-segmentation.Knowledge of Kubernetes security (AKS, EKS, GKE) and container runtime protections.Additional certifications such as Azure Solutions Architect Expert, Azure Administrator Associate, or Azure DevOps Engineer Expert are highly desirable.Tools & TechnologiesCloud Platforms: Azure, AWS, GCPSecurity Tools: Microsoft Defender for Cloud, Wiz, CrowdStrike, SIEM/SOAR platformsIaC & Automation: Terraform, Bicep, CloudFormation, OPA/Conftest#LI-KS1