Sr IT Security Analyst(Sr. Engineer Cloud Security ) at MattelInc

We are seeking a skilled and motivated Senior Engineer Cloud Security to support and execute day-to-day cloud security operations across Google Cloud Platform (GCP), Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). This role is responsible for operational cloud security monitoring, misconfiguration management, and compliance validation, working closely with Cloud Security Engineers, Network Security, and application teams.  The Senior Engineer Cloud Security applies hands-on technical skills to identify, analyze, and remediate cloud security risks while ensuring alignment with enterprise security standards, Zero Trust principles, and regulatory requirements. This role mirrors the operational depth and accountability of senior engineering roles while maintaining a strong Engineer-focused execution model.  Roles and Responsibilities  • Perform continuous security monitoring and operational reviews of cloud environments across GCP (primary), AWS, Azure, and OCI.  • Analyze and triage findings from cloud security tools such as GCP Security Command Center (SCC), AWS Security Hub, Azure Defender, and OCI Cloud Guard.  • Own remediation tracking, validation, and closure of cloud security findings in collaboration with application owners and DevOps teams.  • Support implementation and validation of cloud security controls including IAM, network security, encryption, logging, and monitoring.  • Participate in cloud architecture and design reviews to ensure security-by-design and Zero Trust principles are applied.  • Support compliance activities aligned with CIS benchmarks, NIST CSF, ISO 27001, and internal security standards.  • Maintain operational documentation, standard operating procedures (SOPs), and runbooks for cloud security processes.  • Assist in audit evidence collection, reporting, and remediation validation for internal and external audits.  • Contribute to cloud security dashboards, metrics, and reporting for operational and leadership visibility.  • Support development and enhancement of automation and scripting for cloud security baselines and controls.  • Collaborate with Network Security, IAM, and Application Security teams to ensure consistent security posture across hybrid environments.  • Participate in security incidents related to cloud platforms, including investigation, containment, and post-incident documentation.  • Continuously monitor emerging cloud threats, service changes, and best practices to improve security controls.  • Additional duties may be assigned as necessary to meet organizational needs.    Skills and Qualifications  Required:  • 5-10 years of experience in cloud, DevOps, or security operations roles.  • Hands-on experience with at least one major cloud platform (GCP, AWS, or Azure), with GCP preferred.  • Working knowledge of cloud security services and controls including IAM, networking, encryption, and logging.  • Experience analyzing findings from CSPM and native cloud security tools.  • Basic experience with infrastructure-as-code concepts and cloud automation.  • Familiarity with scripting or automation using tools such as Python, Bash, or PowerShell.  • Understanding security frameworks and standards such as CIS, NIST CSF, and ISO 27001.  • Strong analytical, troubleshooting, and problem-solving skills.  • Ability to collaborate effectively with engineering, DevOps, and security teams.  • Strong written and verbal communication skills.   Preferred:  • Bachelor’s degree in computer science, Cybersecurity, Engineering, or a related discipline.  • Cloud certifications such as Google Associate Cloud Engineer, AWS Associate, or Azure Associate.  • Experience supporting compliance and audit activities in cloud environments.  • Exposure to Zero Trust, security-by-design, and cloud-native security architectures.  • Experience building or supporting cloud security automation and reporting pipelines.  Shift Timing:   • Work hours may vary, and the position may require availability during off-business hours as dictated by project needs, system changes, or security events.