Cloud Security Consultant :: Toronto ON(2-3 Days/Week Onsite) :: Contract
About the role
Role: Cloud Security Consultant
Location: Toronto ON (2-3 Days/Week Onsite)
Contract
Need 10+ Yrs of Experience
We are looking for a detail-oriented Cloud Security and AI Test Engineer to join our team. This individual will focus on automating and validating Compliance-as-Code (CaC) policies across multi-cloud environments, including GCP, Azure and AWS. In this role you will blend your expertise in cloud security with advanced AI tools to enhance compliance, security and test automation, ensuring continuous validation within multi-cloud environments.
Key responsibilities:
Automated testing for cloud policies
- Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing Compliance-as-Code policies across cloud environments (GCP/AWS/Azure), in alignment with banking regulations
- Implement AI-driven test environments using Azure Foundry and Azure ML to create realistic mock cloud setups, including network and IAM configurations, to simulate and test policies effectively
- Utilize Azure AI Search, Azure OpenAI and Azure Machine Learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps
- Develop comprehensive positive, negative and edge/exception test cases to validate policy enforcement logic
- Maintain a test suite library and ensure traceability between compliance requirements, validation cases and artifacts
- Collaborate with CaC policy developers, security architects and Cloud Service Owners to understand intended behavior and failure conditions
Continuous Testing & CI/CD Integration
- Integrate AI-assisted compliance validation into CI/CD pipelines (GitHub Actions, GitHub workflows), using GitHub Copilot for scripting efficiencies and M365 Copilot Studio for creating streamlined policy validation templates
- Automate security scanning and validation of Terraform deployments with Python
- Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions
Cloud Security and Regulatory Compliance Enforcement
- Work closely with security, DevSecOps and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates
- Validate cloud resource configurations against financial industry standards (NIST, ISO 27001, SOC 2)
Reporting & Audit Readiness
- Implement/test logging and monitoring solutions to detect compliance violations in real time
- Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni
- Ensure that all Standards & STIG requirements for IaaS, PaaS and SaaS CaC development and testing activities are traceable and auditable for internal risk assessments and external regulatory audits
Must-Have Hard Skills:
- 8+ years in Cloud Security, DevSecOps, AI or Cloud Engineering roles
- 3+ years of Technical Lead experience
- Strong knowledge of GCP, Azure, AWS
- Jira and Confluence
- Proficient with Python CI/CD pipelines
- Proficient with Terraform
Soft Skills:
- Strong communication skills (written and verbal)
- Strong interpersonal skills are required
- Self-motivated, well organized, able to work both independently and in a team environment
- Attention to detail and someone who is a self-starter and adaptable
Nice-To-Have:
- Cloud or DevSecOps engineering certifications
- Experience with container security and Kubernetes policy enforcement
- Hands-on experience with HashiCorp Sentinel, Azure Policy, Wiz policy, GCP Org Policy, Open Policy Agent and Kubernetes
- Cloud infrastructure as code: experience with Helm, ARM, JSON, YAML, Rego
- Banking or financial institution experience