Cloud Security Engineer

The Security, Risk, and Compliance division of the National Association of Insurance Commissioners (NAIC) has an exciting opportunity for a Cloud Security Engineer. This position is responsible for defining, implementing, and maintaining the security architecture of the organization's cloud and cloud-native environments. This role partners closely with Cloud Engineering, DevOps, Compliance, and Risk teams to ensure cloud platforms-including Kubernetes and emerging AI-enabled technologies-are designed and operated securely, in alignment with regulatory requirements, security best practices, and organizational risk tolerance. This is a full-time hybrid position, in a positive and flexible environment. Residency within 100 miles of the Kansas City office is required.

Responsibilities Include:

• Design, implement, and maintain secure cloud architectures across IaaS, PaaS, and SaaS platforms (e.g., AWS, Azure, OCI), including security guardrails and standards.

• Develop and maintain cloud security standards and documentation and ensure cloud architecture designs align with said standards and risk management requirements.

• Lead security architecture and controls for containerized and Kubernetes-based workloads, including cluster hardening and secure configuration, workload isolation and network policies, secrets management and key rotation, and container image security and supply chain integrity.

• Collaborate with DevOps teams on container security tooling, runtime protection, and secure CI/CD pipelines.

• Contribute to the development and architecture of an organizational AI security strategy, including governance, acceptable use, and risk controls.

• Translate regulatory and compliance requirements (e.g., SOC 2, NIST, ISO 27001, GovRAMP) into actionable cloud security controls.

• Evaluate and implement cloud security posture management (CSPM), container security, CI/CD security, and cloud-native security tools.

Management Responsibilities:

This position does not have direct reports.

Minimum Education and/or Experience Required:

• Bachelor's degree (B.A. or B.S.) from four-year College or university in a computer related field and 5 years of experience in information security, with significant focus on cloud environments, and/or equivalent combination of education and technical experience.

• Hands-on experience securing AWS (Azure and OCI experience are a plus).

• Practical experience securing Kubernetes and containerized workloads.

• Familiarity with infrastructure-as-code and CI/CD security concepts.

• Strong working knowledge of:

  • Cloud IAM and identity federation

  • Network security (VPCs/VNETs, firewalls, security groups)

  • Encryption, key management, and secrets handling

• Ability to communicate complex security concepts clearly to technical and non-technical audiences.

Preferred Qualifications:

• Experience working in regulated or compliance-driven environments (e.g., SOC 2, GovRAMP, PCI, HIPAA).

• Familiarity with frameworks such as NIST 800-53, CIS Benchmarks, or Zero Trust architectures.

• Experience evaluating or securing AI/ML platforms or SaaS tools.

• Experience with CSPM, container security, or cloud-native security tools (vendor-agnostic).

• Relevant certifications (e.g., AWS Security Specialty, CCSK, CKS, CISSP) are a plus.

Systems & Technology Requirements:

• AWS

• Kubernetes & Container Technologies

• Infrastructure-as-code tools (e.g., Terraform, CloudFormation, ARM, Gitlab)

• Windows, Linux, and MacOS Endpoints

• Identity & Access Management (IAM / IdP)

Schedule: Hybrid

While this position qualifies for a hybrid schedule, you may be required to come into the office for a minimum of one day each week plus for ongoing meetings, events or training.

Travel:

This position does not require overnight business travel. Employees are responsible for their personal transportation to/from the home and office, including events, meetings, and training required by the NAIC.

Compensation:

$107,000 - $142,000 commensurate with education and experience.

Sponsorship:

Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

The NAIC is proud to be an Equal Opportunity Employer

Applicants for all positions are considered without regard to age, race, creed, color, religion, sex, sexual orientation, gender identity or expression, national origin or ancestry, marital status, pregnancy, genetic information, military or veteran status, disability, or any other basis protected by applicable law.