Senior Application and Cloud Security Engineer
100% REMOTE (UNITED STATES OR CANADA)
Glocomms is partnered with a leading creative technology company seeking a highly skilled Security Engineer to elevate and mature its cloud and application security programs. This role will directly influence the security architecture of cutting‑edge digital products, collaborating closely with engineering teams to embed best‑in‑class security practices across the organization. The ideal candidate brings deep experience in GCP, AWS, and PHP ecosystems and thrives in a fast‑moving, innovation‑driven environment.
- Develop, implement, and maintain security controls across cloud environments, with an emphasis on GCP and AWS.
- Conduct application security reviews, threat modeling, and code‑level assessments for PHP and other modern technology stacks.
- Partner with engineering teams to architect secure solutions, validate secure configurations, and guide adherence to security best practices.
- Monitor, investigate, and respond to security incidents, ensuring timely remediation and documentation of findings.
- Build and enhance automated security tooling, guardrails, and CI/CD pipeline integrations to proactively reduce risk.
- Lead vulnerability management efforts, including scanning, prioritization, and coordination of remediation activities.
- Contribute to security policies, standards, and documentation that support the company's evolving security strategy.
- Stay current on emerging threats, security tooling, and cloud platform updates to continuously improve the organization's security posture.
- 5+ years of experience in cloud and application security roles or equivalent relevant experience.
- Strong proficiency with Google Cloud Platform (GCP) and Amazon Web Services (AWS) security services, architectures, and best practices.
- Demonstrated experience securing PHP-based applications and familiarity with modern frameworks, secure coding practices, and common vulnerability classes (e.g., OWASP Top 10).
- Hands-on experience with infrastructure-as-code, CI/CD pipelines, and automated security testing.
- Deep understanding of identity and access management, network security, secrets management, and container security principles.
- Strong analytical and problem-solving skills, with the ability to work cross‑functionally and communicate clearly with technical and non‑technical stakeholders.
- Relevant certifications (e.g., GCP Professional Cloud Security Engineer, AWS Security Specialty, OSCP, CISSP) are a plus but not required.
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your resume and details on file so when we see similar roles or see skillsets that drive growth in organizations, we will always reach out to discuss opportunities.
Yes. Even if this role isn’t a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your resume so you can be considered for roles that have yet to be created.
Yes, we help with resume and interview preparation. From customized support on how to optimize your resume to interview preparation and compensation negotiations, we advocate for you throughout your next career move.