Sr. Cloud Security Engineer

Narvar is growing! Narvar is seeking a skilled cybersecurity professional to join our Cyber Defense vertical. As a Cloud Security Engineer, you will manage critical aspects of Cloud Architecture, Cyber Incident Response, and Threat Management to ensure the security and resilience of our cloud infrastructure. This role encompasses oversight of digital forensics, threat intelligence, and security investigations while driving proactive measures like threat hunting and cyber simulations. You will collaborate across teams to build and maintain a robust security posture, ensuring organizational readiness against emerging threats.

The Cyber Defense team is at the forefront of protecting the organization’s critical infrastructure and data from cyber threats. This dynamic and highly skilled team is responsible for threat detection, incident response, and continuous improvement of security posture. Working closely with other departments, the Cyber Defense team ensures a secure environment across all cloud operations, specializing in GCP Cloud Security. We are committed to staying ahead of the latest threats and vulnerabilities, leveraging cutting-edge tools and frameworks to safeguard the organization’s assets and reputation.

Day-to-day

Cloud Security Architecture:

• Design and implement secure cloud architectures, including landing zones, project structures, IAM policies, and secure network configurations..
• Conduct cyber risk and vulnerability assessments, with an emphasis on proactive threat detection.
• Develop and enforce secure configurations for cloud services, including IAM policies, VPCs, and encryption protocols.
• Integrate cloud-native and third-party security solutions for monitoring, detection, and response.
• Define strategies to adopt Zero Trust principles and enhance perimeter security using tools like GCP Cloud Armor

Incident Response:

• Lead both Corporate Incident Response Teams (Corp IRT) and Platform Incident Response Teams (Platform IRT)to handle incidents promptly.
• Oversee security investigations, perform digital forensics, and deliver actionable insights for remediation.
• Lead post-incident analysis to identify root causes and implement corrective actions.
• Conduct security awareness training, build incident response plans, and provide real-time support during security events.
• Continuously monitor the cloud environment for emerging threats and vulnerabilities, taking proactive steps to remediate them.
• Establish workflows for threat intelligence collection, threat hunting, and real-time response to evolving threats.
• Implement security reporting mechanisms for leadership, focusing on actionable insights from GCP environments.
• Conduct cyber simulations and drills, including cyber resilience exercises and incident response tests in GCP.
• Establish automated reporting for compliance and real-time incident tracking.

Governance and Compliance:

• Ensure compliance with regulatory standards (e.g., SOC 2, GDPR, PCI-DSS) specific to cloud infrastructure.
• Partner with cross-functional teams to assess and mitigate cloud-related risks, enhancing security posture.

Collaboration and Leadership:

• Work with DevOps, engineering, and operations teams to integrate security into the CI/CD pipeline.
• Mentor junior security professionals and build team capabilities for digital forensics, threat intelligence, and incident response.
• Collaborate with external stakeholders and vendors to leverage advanced technologies for threat detection and response.

What we are looking for

Technical Expertise:

• 5+ years of experience in cloud security architecture, incident response, and threat management, with a focus on GCP.
• Proficiency in digital forensics, threat hunting, and cyber threat intelligence.
• Hands-on experience with GCP security tools like Cloud Armor, Security Command Center.
• Strong understanding of CSPM tools (e.g., Wiz) and SIEM platforms (e.g., Wazuh).
• Experience leading cyber drills and simulations to test and improve incident response readiness.

Problem-Solving & Analytical Skills:

• Deep expertise in security investigations, root cause analysis, and remediation of complex cyber incidents.
• Ability to analyze large datasets and logs to identify patterns and detect sophisticated threats.

Communication & Collaboration:

• Strong interpersonal skills to articulate security risks and solutions to both technical and non-technical stakeholders.
• Proven ability to lead cross-functional teams during incident response scenarios.

Why Narvar?

We're on a mission to simplify the everyday lives of consumers. Post-purchase is a critical phase of the customer journey. That's why we created Narvar - a platform focused on driving customer loyalty through seamless post-purchase experiences that allow retailers to retain, engage, and delight customers. If you've ever bought something online, there's a good chance you've used our platform!

From the hottest new direct-to-consumer companies to retail’s most renowned brands, Narvar works with GameStop, Neiman Marcus, Sonos, Nike, and 1300+ other brands. With hubs in San Francisco, Atlanta, London, and Bangalore, we've served over 125 million consumers worldwide across 10+ billion interactions, 38 countries, and 55 languages.

Pioneering the post-purchase movement means navigating into the unknown. Our team thrives on this sense of adventure while nurturing a mindset of innovation. We're a home for big hearts and we leave our egos at the door. We work hard but we always make time to celebrate professional wins, baby showers, birthday parties, and everything in between.

We are an equal-opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

#LI-SA1

#LI-Hybrid

Please read our Privacy Policy to learn what personal information we collect in connection with your job application, and how we may use and share it.