Principal Cloud Security Engineer in Washington
Job Description
Principal Cloud Security Engineer
Location: Washington, DC (Onsite)
Clearance: Active Secret
Employment Type: Full-Time
Role Summary:
We are seeking a Principal Cloud Security Engineer to lead the design, automation, and enforcement of security across large-scale federal cloud environments. This role focuses on cloud security architecture, DevSecOps automation, and secure platform enablement in a multi-cloud ecosystem.
The ideal candidate is highly technical, self-directed, and comfortable operating as the senior security authority for cloud platforms. You will define secure patterns, implement guardrails at scale, and embed security directly into infrastructure and CI/CD pipelines.
Key Responsibilities:
Cloud Security Architecture:
- Design and guide secure architectures across AWS, Azure, and GCP, including GovCloud and restricted environments
- Define and enforce security baselines aligned with NIST 800-53, FedRAMP, and CIS Benchmarks
- Lead threat modeling, architecture reviews, and secure design guidance for cloud workloads
DevSecOps & Automation:
- Build and maintain Infrastructure as Code using Terraform (preferred) and cloud-native tooling
- Integrate automated security controls into CI/CD pipelines (SAST, DAST, IaC scanning, container scanning)
- Implement policy-as-code guardrails using tools such as AWS SCPs, Azure Policy, and cloud-native governance services
- Develop automated remediation and enforcement workflows to reduce manual security effort
Governance, Compliance & Visibility:
- Embed compliance controls directly into cloud infrastructure and pipelines to support ATO efforts
- Partner with compliance teams and auditors on evidence collection and continuous monitoring
- Implement centralized logging, monitoring, and incident response across cloud environments
Technical Leadership:
- Serve as the senior cloud security SME for engineers, architects, and stakeholders
- Mentor engineers on secure cloud development and DevSecOps practices
- Translate complex security concepts to both technical and non-technical audiences
Required Qualifications:
- Active Secret clearance
- 8+ years in cybersecurity or cloud engineering, including 5+ years focused on cloud security
- Deep hands-on experience securing AWS, Azure, or GCP (experience in at least two preferred)
- Strong Infrastructure as Code experience (Terraform strongly preferred)
- Experience integrating security into CI/CD pipelines (GitHub Actions, GitLab, or similar)
- Proficiency in Python, Go, PowerShell, or Bash
- Strong understanding of IAM, networking, encryption, key management, and cloud-native security services
- Ability to operate independently and define security priorities without daily direction
Preferred Qualifications:
- Experience securing GovCloud, DoD IL5/IL6, or other regulated cloud environments
- Kubernetes and container security experience
- Zero Trust architecture implementation experience
- ServiceNow integrations for security workflows
- Cloud security certifications (AWS Security Specialty, Azure Security Engineer, etc.)
What Makes This a True Principal Role:
- Highly hands-on and deeply technical
- Owns security outcomes rather than executing predefined tasks
- Heavy DevSecOps and IaC focus
- Large-scale, multi-cloud environment
- Architecture and influence matter as much as implementation