Cloud Security Engineer - CSPM Migration (Orca)

Date Posted: Jun 17, 2025

Job #1681820
Contract

Title: Cloud Security Engineer – CSPM Migration Team Member (Orca) 

Location: Remote; CST Time-Zone  

Compensation: $60 - $75/hr. (2-3+ month Contract)  

Our client is decommissioning a legacy Cloud Security Posture Management (CSPM) platform and migrating to Orca Security across a multi-cloud estate (~80% AWS / 15% Azure / small GCP footprint). Reporting to the Migration Lead, you will join a cross-functional squad to translate existing rules and policies into Orca, stand up and fine-tune scans, and integrate findings into the client’s vulnerability-management workflow. This is a contributing engineer role—not a team-lead position.

Responsibilities

  • Inventory legacy CSPM rulesets and recreate or optimize them in Orca.
  • Generate posture queries and compliance policies aligned to CIS, NIST, ISO, and client-specific standards.
  • Assist the team in onboarding cloud accounts, configuring scanning schedules, and tuning alert pipelines.
  • Validate rule accuracy and coverage; troubleshoot false positives/negatives alongside senior engineers.
  • Correlate Orca findings with existing tools (Tenable, Rapid7, Prisma, Wiz, etc.).
  • Tag, triage, and prioritize issues for remediation based on risk and business impact.
  • Pair with IaC, DevOps, and platform engineers to embed Orca posture checks in CI/CD workflows.
  • Contribute to runbooks, quick-start guides, and end-user training sessions.
  • Surface opportunities to streamline rulesets, reduce noise, and improve detection fidelity.
  • Provide feedback on migration playbooks to accelerate future rollouts.

Skills Required

  • 3–5 years in cloud security engineering, DevSecOps, or vulnerability management.
  • Hands-on with at least one major cloud platform (AWS, Azure, or GCP).
  • Practical experience with CSPM or vulnerability-scanning tools—ideally Orca; Prisma Cloud, Wiz, Lacework, Tenable, or Rapid7 acceptable.
  • Proven ability to write / adapt CSPM rules, queries, and compliance policies (CIS, NIST, ISO, or custom).
  • Working knowledge of IAM principles and least-privilege design.
  • Light scripting (Python, Bash, PowerShell) for automation is a plus but not the primary focus.
  • Familiarity with Infrastructure as Code (Terraform, CloudFormation, ARM).

Education & Work Experience

  • Bachelor’s degree in Computer Science, Cybersecurity, Information Systems, or a closely related field.
  • Preferred certifications (any of the following boosts candidacy):
      • Cloud security: AWS Certified Security – Specialty, Azure Security Engineer (AZ-500), Google Cloud Professional Cloud Security Engineer
      • Industry: CISSP, CCSP, or GIAC (GSEC/GCSA)
      • Tool-specific: Orca Security Practitioner, Prisma Cloud, Wiz, or Lacework certifications
  • Continuing education in DevSecOps, IaC, or vulnerability-management tooling is valued and should be highlighted.

Nice-to-Have / Differentiators

  • Direct Orca Security deployment experience (highly preferred).
  • Past use of configuration-management tools (Ansible, Puppet, Chef).
  • Exposure to CASB solutions or cloud access governance.