Key skills
PythonBashPowerShellDatabricksAWSAzureTerraformKubernetesIAMEntra IDCI/CDCommunicationNetwork SecurityCloud Security
About this role
Milliman is an independent company delivering market-leading services and solutions worldwide. They are seeking a Cloud Support Engineer – Security to manage the security posture of cloud platforms, focusing on AWS and Azure while collaborating with engineering and operations teams to enhance compliance and governance.
Responsibilities:
- Provide security guidance for cloud architectures and changes (network segmentation, private connectivity, encryption patterns, key management), and review designs for risk and alignment to standards
- Implement and maintain least-privilege access using AWS IAM/Organizations and Azure Entra ID/RBAC, including privileged access workflows, role design, service principals, and periodic access reviews
- Enable and tune cloud-native security signals (e.g., CloudTrail/Config/GuardDuty, Azure Activity Logs/Defender for Cloud/Sentinel) and ensure centralized logging, alerting, and actionable runbooks
- Drive patching and vulnerability remediation for cloud workloads and platform services; enforce secure configuration baselines and continuously assess drift using CSPM/configuration tools
- Build guardrails and automate security controls with Infrastructure as Code (e.g., Terraform) and scripting (Python/Bash/PowerShell), including policy-as-code, CI/CD checks, and standardized hardened templates
- Maintain cloud security standards, support audits (e.g., HITRUST), evidence collection, risk assessments, and exception management; translate control requirements into actionable technical controls
- Collaborate with cloud/platform teams and application owners to prioritize security work, provide guidance, and deliver secure-by-default patterns without blocking delivery
Requirements:
- The ideal candidate must have Cloud Certification (Azure Or AWS)
- The ideal candidate must have minimum 5 years of experience in cloud security, cloud engineering with a primary security focus, or security operations supporting public cloud environments
- The ideal candidate must have minimum 3 years of hands-on security experience in AWS and Azure, including implementing IAM, network security controls, logging/monitoring, and policy enforcement; relevant cloud certifications required (AWS and/or Azure)
- The ideal candidate must have previous experience operating and improving security controls such as CSPM, vulnerability management, SIEM/SOAR, EDR, and incident response processes
- The ideal candidate must have hands-on scripting/automation experience (Python, Bash, and/or PowerShell) and Infrastructure as Code concepts to automate security checks and guardrails
- Must have excellent communication skills (verbal and written), with the ability to translate security risk into clear technical and business recommendations
- HITRUST and/or other regulated-environment experience (e.g., SOC 2, ISO 27001), including audit support and evidence collection
- Experience securing Databricks and data platforms (workspace access controls, secret scopes, logging, network controls)
- Infrastructure as Code (IaC) experience, especially Terraform, including policy-as-code/guardrails (e.g., Sentinel/OPA) and standardized secure modules
- Container/Kubernetes security experience (image scanning, admission controls, runtime protections, and cluster hardening)