Job Description
Insight Global is seeking a remote Cloud & CI/CD Security SME to join a global consulting firm. This person would be joining their Security Operations - Attack Surface Management (ASM) team within the organizations Information Security & Risk Management (ISRM) function as a Subject Matter Expert in Cloud security, CI/CD pipeline security, and Infrastructure-As-Code (IaC) security.
This person will be responsible for owning the end-to-end lifecycle of security finding, from
detection and triage through remediation guidance, SLA tracking, escalation, and closure across the organizations multi-cloud environment, CI/CD pipelines, and code repositories. You would be expected to provide remediation guidance on cloud and code security matters to engineering, DevOps, and architecture teams, while building and maintaining runbooks and operational playbooks for the ASM team.
Compensation:
$13/hr to $16/hr
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401K retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
-3–6 years of hands-on experience in cloud security operations, DevSecOps, CI/CD security, or a closely related security engineering role
-Deep experience securing CI/CD pipelines (security of the pipeline infrastructure itself and security within the pipeline)
-Ability to script and automate operational security workflows
-Hands-on experience investigating and remediating hardcoded secrets in production repositories, including credential rotation, commit-history remediation, and prevention strategy design
-Demonstrated skill in reviewing IaC templates for security misconfigurations and writing specific,
developer-friendly remediation guidance
-Solid understanding of IAM design, cloud networking, and secure configuration principles across at major cloud platforms (AWS preferred)
-Experience managing security findings against SLAs in an enterprise environment including
escalation, exception handling, and stakeholder communication
-Ability to translate complex technical findings into clear, actionable remediation guidance for both developers and non-technical stakeholders
-Comfort working in a globally distributed team with cross-functional dependencies across cloud
engineering, DevOps, and architecture groups
-Experience working within a complex, matrix-structured global organization
-Ability to operate and tune cloud security posture tooling at enterprise scale, including policy customization, alert lifecycle management, and cross-team remediation workflows
Nice to Have Skills & Experience
-Relevant industry certifications in cloud security or container security
-Experience with IT service management platforms for incident tracking and workflow
management
-Familiarity with agile delivery practices and sprint-based work management
-Experience contributing to compliance audit preparation or evidence collection
-Bachelor’s degree in Computer Science, Information Technology, or equivalent practical
experience
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.