Senior Cloud Security Engineer

We're seeking a Senior Cloud Security Engineer who combines strong DevOps fundamentals with in-depth security expertise. You will own cloud security architecture, threat detection, compliance, and access management across our infrastructure, while working closely with DevOps and engineering teams to embed security‑first practices throughout the SDLC.

This is not a pure DevOps role — we need someone who thinks like an attacker and operates like a security engineer.

• →Cloud Security Architecture
  • →Design and enforce secure cloud architecture across AWS/Azure
  • →Harden configurations for core services (EC2/VMs, S3/Blob, RDS, VPC/VNet, Load Balancers)
  • →Lead security reviews for new systems and changes
  • →Implement Zero Trust principles and network security controls
• →Threat Detection & Incident Response
  • →Build and maintain monitoring, alerting, and SIEM integrations
  • →Detect, investigate, and respond to cloud security incidents
  • →Conduct threat modeling and proactive risk assessments
  • →Improve incident response playbooks and post‑incident reviews
• →IAM & Secrets Management
  • →Own IAM strategy across AWS IAM / Azure AD
  • →Enforce least‑privilege, RBAC, and role governance
  • →Manage secrets, certificates, and key lifecycle (Vault, AWS Secrets Manager, Azure Key Vault)
• →Compliance & Auditing
  • →Ensure adherence to CIS Benchmarks, OWASP, SOC 2, ISO 27001
  • →Conduct vulnerability assessments and configuration audits
  • →Produce audit‑ready documentation and posture reports
• →Security in CI/CD (DevSecOps)
  • →Integrate SAST, DAST, and dependency scanning into pipelines
  • →Collaborate on secure pipeline design and container security (Docker, Kubernetes)
  • →Contribute to IaC security reviews (Terraform)
• →Collaboration
  • →Partner with Dev, QA, DevOps, and Product teams to shift security left
  • →Champion secure coding standards and developer awareness
  • →Document security policies, controls, and architecture decisions

• 8–10+ years in Cloud Security, DevSecOps, or security‑focused infrastructure roles
• Hands‑on expertise with AWS/Azure security services (GuardDuty, Security Hub, Azure Defender)
• Strong IAM, secrets management, and access control knowledge
• Experience with SIEM tools, threat detection, and incident response
• Working knowledge of CI/CD pipelines and security tooling
• Familiarity with Docker/Kubernetes security (scanning, runtime protection, policies)
• Knowledge of compliance frameworks (SOC 2, ISO 27001, CIS Benchmarks, OWASP)
• Networking/security fundamentals: Zero Trust, firewalls, DNS, SSL/TLS
• Terraform security reviews; Git workflows and secure development practices

• Experience: 8–10 years
• Job Type: Hybrid
• Location: Lahore
  

About TekHQS

TekHQS is a global technology and AI‑driven solutions company delivering scalable SaaS, Cloud, AI/ML, Blockchain/Web3, DevOps, and enterprise software solutions to startups and enterprise clients worldwide. With 300+ professionals across the USA, UK, UAE, Qatar, Pakistan, and India,

We specialize in building high‑performance digital products across Logistics, FinTech, Healthcare, and emerging technology sectors.We foster a culture of innovation, ownership, and continuous growth — empowering teams to build impactful technology that drives real business transformation.