Note: The job is a remote job and is open to candidates in USA. Blue Cross and Blue Shield of Nebraska is a mission-driven organization dedicated to championing the health and well-being of its members and communities. The Senior Cloud Security Engineer is responsible for designing, implementing, and operating cloud security capabilities across the enterprise while leading and mentoring junior team members.
Responsibilities
- Design and implement secure Azure configurations, guardrails, and reference architectures across identity, network, compute, and data
- Build and enforce policy-as-code and secure-by-default deployment patterns using Azure Policy and infrastructure-as-code
- Own and mature Cloud Security Posture Management (CSPM), including risk prioritization, remediation, and baseline alignment
- Implement, tune, operate, and optimize cloud security tooling and core security platforms, including Microsoft Defender, WAF, Microsoft Sentinel, Entra ID, CyberArk, CrowdStrike, and related capabilities
- Define and enforce security guardrails for AI usage and secure adoption of AI platforms
- Identify, assess, and mitigate cloud and AI security risks, including misconfigurations, access risks, and emerging threats
- Partner with platform and application security teams to integrate security into CI/CD pipelines and enable secure AI-assisted development practices
- Build automation to improve remediation, monitoring, and compliance reporting at scale
- Partner with engineering teams to translate security strategy into practical, implemented solutions
- Mentor junior engineers and provide technical leadership while serving as a senior escalation point for complex issues
Skills
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)
- 6+ years of experience in cloud security, cybersecurity engineering, or related fields
- Hands-on experience securing Azure environments, including identity, network, and platform services
- Experience implementing and operating cloud security controls and tooling
- Strong understanding of cloud security risks and misconfiguration patterns, including identity and access risks
- Experience with Infrastructure as Code (Terraform, Bicep, ARM) and policy-as-code
- Proven ability to assess risk, prioritize remediation, and drive issues to resolution
- Comfort working independently, taking ownership, and delivering outcomes with minimal oversight
- Experience partnering with engineering teams to implement practical, scalable security solutions
- Strong communication skills with the ability to engage effectively with engineers, architects, and leadership
- Experience securing AI/ML or AI-enabled platforms and implementing guardrails for enterprise AI usage
- Familiarity with AI-related threats (e.g., prompt injection, data leakage, model misuse)
- Scripting or automation experience (PowerShell, Python, or similar)
- Familiarity with compliance frameworks (NIST, CIS, HIPAA)
- Experience in healthcare or other regulated industries
Benefits
- This position allows remote flexibility but will have 1 day per week in the office.
- If living in one of our approved states (Florida, Iowa, Kansas, Minnesota, Missouri, Nebraska, North Dakota, and Texas) – this person may travel to our headquarters based on business needs.
Company Overview