Cloud Security Consultant
Listed on 2026-07-03
-
IT/Tech
Cybersecurity, IT Consultant
A boutique cybersecurity consultancy serving small and mid‑sized clients across healthcare, legal, technology, media, fintech, and consumer sectors is hiring a cloud security consultant to own client relationships end to end. You would be the technical and strategic point person for a small portfolio of clients, running cloud security assessments, shaping security programs, and translating the work for both engineers and executives.
This is a role for someone who wants the variety of consulting without the narrow scope, where no two days look the same and you grow into the engagements and clients that suit you best. You would have wide latitude to bring AI and automation into the work to deliver better outcomes faster.
Compensation: $140,000 to $150,000 base, plus spot bonuses
Logistics: Remote in the US, cannot support sponsorship
What you would be doing:- Own a handful of client engagements as the point person, guiding clients through their security roadmap and acting as the trusted advisor on what to tackle and when
- Run cloud security assessments, identify misconfigurations, and hold credible technical conversations with client cloud and engineering teams
- Understand and speak to a client's security program as a whole, with the ability to lead smaller engagements in a virtual CISO capacity
- Scope penetration tests and red team exercises, review findings, and translate them into clear remediation guidance; hands‑on testing is outsourced
- Lead identity and access management work including access reviews and response to identity anomalies, and support monitoring, detection, and response across endpoint and identity
- Serve as the technical go‑to on incident response across clients
- Build scripting and process improvements that automate delivery work, and bring AI into your workflow to free up time for higher‑impact client work
- Provide first‑pass sales support, surfacing opportunities to expand services and walking clients through the occasional tool demo
- A consulting mindset and genuine client‑facing ability, comfortable owning relationships, navigating ambiguity, and communicating with both technical and non‑technical audiences
- A working understanding of security programs as a whole, with governance, risk, and compliance experience across frameworks such as NIST, SOC 2, ISO 27001, or similar; audit and ATO readiness experience is a strong plus
- Cloud security competence with a focus on AWS, enough to assess environments and advise client teams
- Comfortable CLI experience and general scripting ability
- Working knowledge of IAM concepts and identity monitoring
- Familiarity with MDR and endpoint and identity monitoring solutions
- Exposure to penetration testing sufficient to scope and interpret engagements; you do not need to be a working pen tester
- Fluent use of AI tooling in your daily work, and the drive to use it more
- A high tolerance for ambiguity and a self‑directed, figure‑it‑out approach in a small, fast‑moving team
- Prior consulting or vCISO experience is a strong plus. Terraform, containers, and Kubernetes are not required
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).