Project Role : Cloud Platform Engineer
Project Role Description : Designs, builds, tests, and deploys cloud application solutions that integrate cloud and non-cloud infrastructure. Can deploy infrastructure and platform environments, creates a proof of architecture to test architecture viability, security and performance.
Must have skills : Cloud Security Architecture
Good to have skills : NA
Minimum
5 year(s) of experience is required
Educational Qualification : 15 years full time education
Role Overview
The Cloud Security Engineer is a senior technical leader responsible for designing, governing, and leading the implementation of enterprise-grade cloud security solutions across hybrid and multi-cloud environments including AWS, Azure, GCP, and OpenShift (OCP).
Building on strong hands-on cloud-native security expertise, this role acts as a security design authority, embedding Zero Trust, DevSecOps, cloud-native controls, and AI-driven automation into platforms, pipelines, and runtime environments. The role leverages Generative AI and Agentic AI frameworks to enhance threat detection, incident response, posture management, and compliance automation.
Key Responsibilities
- Lead end-to-end implementation of cloud security architectures aligned with enterprise standards and regulatory requirements.
- Review and validate High-Level Designs (HLDs) and translate them into secure, scalable Low-Level Designs (LLDs).
- Govern rollout of:
- Cloud-native security services
- Identity & Zero Trust frameworks
- Security automation and DevSecOps pipelines
- Act as technical authority and escalation point for complex security incidents.
- Drive adoption of AI-assisted security capabilities across detection, response, and remediation.
- Mentor senior and junior engineers and uplift cloud security maturity across delivery teams.
Cloud Security Architecture & Design
- Lead implementation of secure architecture patterns for Hybrid cloud (private + public),Multi-cloud workloads
- Validate designs against CIS Benchmarks, NIST, Zero Trust Architecture
- Design security patterns for Kubernetes & container platforms (EKS, AKS, GKE, OpenShift), Data, storage, and AI/ML workloads
- Provide architectural feedback to cloud and enterprise architects on risk posture and feasibility.
Cloud-Native Security Services (Design & Governance)
- Architect and govern use of cloud-native security services:
AWS
- IAM, KMS, CloudTrail, GuardDuty, Security Hub, Shield, WAF, Inspector, Macie
Azure
- Entra ID (Azure AD), Defender for Cloud, Sentinel, Key Vault, Azure Firewall, WAF, DDoS Protection
GCP
- IAM, Cloud KMS, Security Command Center, Cloud Armor, Cloud IDS, VPC Service Controls
- Ensure consistent implementation of identity, network, compute, storage, and data security controls across platforms.
Security Tooling & Platform Integration
- Lead integration of advanced security platforms:
- SIEM / SOAR (Splunk, Sentinel, QRadar, Elastic)
- CSPM, CWPP, CNAPP
- Vulnerability scanners and EDR/XDR platforms
- Define enterprise integration patterns using APIs and log pipelines.
- Embed security tooling into CI/CD and runtime environments.
Identity, Network & Zero Trust Security
- Architect and govern:
- IAM federation, SSO, adaptive MFA
- Just-In-Time (JIT) and least-privilege access
- Lead Zero Trust adoption across hybrid and multi-cloud platforms.
- Design and validate:
- Micro-segmentation strategies
- Secure service-to-service communication
- Lead troubleshooting of complex IAM, firewall, VPN, service mesh, and workload identity issues.
Security Monitoring, Incident Readiness & Response
- Design SOC detection and response use cases.
- Lead major security incidents:
- Threat containment
- Forensics coordination
- Post-incident reviews and systemic fixes
- Validate SIEM/SOAR correlation rules and response playbooks.
- Improve MTTR using AI-assisted detection and prioritization.
Governance, Risk & Compliance
- Ensure security controls align with:
- ISO 27001, SOC 2, PCI-DSS, HIPAA, GDPR, RBI (as applicable)
- Define automated evidence collection for audits.
- Validate security readiness for production workloads.
- Act as sign-off authority from a security and compliance perspective.
AI / GenAI & Agentic Security Engineering
- Design AI-enabled cloud security solutions, including:
- Anomaly detection
- Threat prioritization
- Automated remediation workflows
- Use Generative AI to:
- Analyze security telemetry
- Assist in threat modeling
- Accelerate investigations and RCA
- Apply Agentic AI frameworks for:
- Self-healing security workflows
- Policy orchestration and enforcement
- Strong understanding of:
- AI lifecycle
- ML fundamentals (supervised & unsupervised)
- NLP concepts for security analytics
- Define guardrails for responsible, compliant AI usage in security platforms.
Automation, IaC & Scripting
- Lead security automation using:
- Terraform (preferred)
- Ansible
- Define reusable security modules and policy-as-code patterns.
- Advanced scripting using:
- Python (mandatory)
- Bash / PowerShell
- Integrate security into CI/CD pipelines (DevSecOps).
Mandatory Skills
- Python (Programming Language) automation, API integration, AI workflows
- Agentic AI framework understanding (multi-agent orchestration, decision logic)
- Terraform & Ansible for cloud security automation
- Advanced cloud security across AWS, Azure, GCP, OpenShift
- Deep expertise in IAM, Zero Trust, SIEM/SOAR, CSPM/CNAPP
Experience & Qualifications
- 8 10 years of experience in cloud security engineering.
- Proven leadership in enterprise-scale cloud security implementations.
- Hands-on experience with AI/GenAI-enabled security platforms.
- Experience supporting SI-led and managed services environments
Certifications
Mandatory Certifications (Minimum 2 Specialty / Professional Level)
The certifications can be across different cloud providers.
AWS
- AWS Certified Security Specialty
- AWS Certified Advanced Networking Specialty
- AWS Certified Solutions Architect Professional
Microsoft Azure
- Azure Security Engineer Associate (AZ-500)
- Azure Solutions Architect Expert (AZ-305)
Google Cloud Platform (GCP)
- Google Professional Cloud Security Engineer
- Google Professional Cloud Architect
Good to have certification
- Security & Governance
- CISSP
- CCSP
- CISM
- ISO 27001 Lead Implementer / Auditor
- Kubernetes & Cloud-Native Security
- Certified Kubernetes Security Specialist (CKS)
- Certified Kubernetes Administrator (CKA)
- Red Hat OpenShift Security / Specialist
- DevSecOps & Automation
- Azure DevOps Engineer Expert (AZ-400)
- GitHub Actions (GH-200)
- Ansible Automation Platform Certification
- AI / GenAI & Emerging Security
- AWS Certified Machine Learning Specialty
- Google Professional Machine Learning Engineer
- Azure AI Engineer Associate
- GenAI / LLM Security certifications (DeepLearning.AI, OpenAI, vendor-neutral programs)
15 Year of Education to be completed
- Resource needs to be AI Ready.
15 years full time education
About Accenture
Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with approximately 791,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. Our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities.
Visit us at www.accenture.com
Equal Employment Opportunity Statement
We believe that no one should be discriminated against because of their differences. All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, military veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by applicable law. Our rich diversity makes us more innovative, more competitive, and more creative, which helps us better serve our clients and our communities.