Cloud Security Engineer

About Flash
Flash is the parking industry's leading technology provider, transforming how people move through cities. We integrate cloud-based access and revenue control systems with powerful data analytics to deliver smarter, more seamless mobility experiences. Our mission is to modernize traditional parking infrastructure into dynamic, connected mobility hubs—enabling more efficient operations, better urban planning, and elevated journeys for drivers, owners, and operators alike.

The Cloud Security Analyst will be responsible for designing, implementing, and managing security measures across cloud environments, ensuring a secure and compliant infrastructure. This role requires expertise in cybersecurity, risk management, and compliance standards while securing a distributed workforce and legacy systems.

Key Responsibilities:

• Design, implement, and manage cloud security controls across platforms including AWS, Azure, and Google Cloud.
• Develop and enforce security policies, procedures, and standards for cloud infrastructure and key cybersecurity controls.
• Conduct vulnerability assessments, penetration testing, and risk analysis for cloud infrastructure and product development.
• Collaborate across various teams to integrate security best practices into cloud architectures.
• Monitor and analyze cloud security alerts, logs, and incidents to detect and respond to threats.
• Investigate security incidents and provide recommendations for mitigation.
• Assist with ensuring compliance with industry regulations such as NIST, PCI, SOC 2, HITRUST, CCPA, and GDPR.
• Assist with reviewing and selecting third-party cybersecurity solutions.
• Stay up to date with emerging security threats and advancements in cloud security technologies.
• Provide training and guidance to internal teams on security best practices and threat awareness.

Requirements

Skills and Experience:

• 3-5+ years of experience in cloud security (AWS, Azure, GCP), preferably in a SaaS setting.
• Certifications such as CISSP, CISM, OSCP, AWS, Microsoft Azure, or Google are a plus.
• Must have a strong background in information technology with a baseline understanding of the challenges of information security.
• Confident communication and presentation skills to help build an understanding and awareness of security issues throughout the organization.
• Demonstrated analytical and problem-solving abilities to identify and fix security risks.
• Must be able to develop security solutions in collaboration with other information technology professionals.
• Familiarity with antivirus, spam, IDS, WAF, etc
• Experience conducting security assessments, risk analysis, and remediation in AWS, Microsoft Azure, or Google cloud environments.
• Knowledge of Linux and Windows operating systems.
• Knowledge of firewall and intrusion detection/prevention protocols.
• Understanding of secure coding practices and threat modeling.
• Understanding of network security architecture development and definition..
• Experience with security frameworks, best practices, and tools such as CSPM, SIEM, and IAM.
• Experience with firewall management, endpoint security, and intrusion detection systems.
• Familiarity with container security (Docker, Kubernetes) and CI/CD security processes.
• Experience in automation using Python, PowerShell, or Bash for security operations, monitoring, and incident response.
• Hands-on experience with security assessment tools such as Nessus, Tenable, or Metasploit.
• Knowledge of native cloud security tools is a plus.

Preferred Qualifications:

• Experience in securing PCI DSS Level 1 and HITRUST-compliant environments.
• Knowledge of security governance frameworks such as PCI, HITRUST, NIST, ISO, and CIS.
• Experience with incident response and disaster recovery in cloud environments.
• Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.

Education & Certifications:

• Bachelor’s degree in Computer Science, Information Security or a related field.
• Certifications such as CISSP, CISM, OSCP, AWS, Microsoft Azure, or Google are a plus.

Flash is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, allow us to attract creatively-led people, and to develop the best products, services and solutions. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Every qualified individual is encouraged to apply to join our team.