Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You'll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you'll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your role and responsibilities
Role Summary
We are looking for a skilled Cloud Security Engineer to serve as our subject matter expert for Palo Alto Prisma Cloud. You will be the primary owner responsible for designing, implementing, assessing and managing cloud security strategy using the Prisma platform to protect multi-cloud environments. Your expertise will be critical in ensuring continuous compliance, automating security controls, and preventing cloud-native threats.
This is a strategic, hands-on role that bridges the gap between the security team and cloud engineering, requiring a good understanding of both cloud architecture and security principles.
Key Responsibilities
Prisma Cloud Strategy & Architecture:
- Serve as the technical owner for the entire Palo Alto Prisma Cloud suite.
- Architect, deploy, and optimize Prisma Cloud across our Multi-cloud environments to provide comprehensive visibility and protection.
- Manage the entire lifecycle of the Prisma Cloud platform, including policy management, access controls, Alerts and system health.
Review least privilege, MFA SSO configuration across cloud assetsCloud Security Posture Management (CSPM):
- Develop, customize, and maintain compliance frameworks within Prisma Cloud CSPM to enforce security benchmarks (e.g., CIS, NIST, PCI-DSS).
- Proactively identify, prioritize, and remediate cloud misconfigurations and compliance violations across IaaS, PaaS, and SaaS.
- Create detailed reports and dashboards for leadership and auditors, demonstrating the effectiveness of our cloud security controls.
- Review cloud security strategy & governance, Define cloud security baselines.
Cloud Workload Protection (CWP) & Code Security:
- Implement and manage Prisma Cloud CWP to provide runtime protection for workloads and containers.
- Configure agent-based and agentless protection strategies for virtual machines, containers, and serverless functions.
- Utilize Prisma Cloud's code security capabilities (IaC Scanning) to scan infrastructure-as-code templates (Terraform, CloudFormation, ARM) for security issues before deployment.
- Lead the response to cloud workload security alerts, performing investigation and remediation.
Automation & Integration:
- Automate remediation actions by integrating Prisma Cloud with SOAR platforms (e.g., Cortex XSOAR), ticketing systems, and cloud provider-native services.
- Develop scripts (Python, Python, or Terraform) to automate security tasks and enforce governance.
Collaboration & Leadership:
- Partner with Cloud, DevOps, and Application Development teams to embed security into the development lifecycle.
- Mentor junior cloud security analysts and engineers.
- Stay current with emerging cloud threats, attacker TTPs (Tactics, Techniques, and Procedures), and new features within the Prisma Cloud platform.
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
Required Qualifications & Experience
- 6+ years of experience in cybersecurity, with at least 4years focused specifically on cloud security / Prisma Cloud.
- 3+ years of direct, hands-on experience with Palo Alto Prisma Cloud in a production, multi-cloud environment.
- Proven experience in deploying, configuring, and managing core Prisma Cloud modules (CSPM, CWP, IaC Security).
Good hands-on experience with at least one major cloud provider (AWS, Azure, or GCP), including a deep understanding of their native security services and IAM models
Preferred technical and professional experience
At least one Palo Alto Networks certification Require:oPCCET (Prisma Certified Cloud Entry-level Technician)o
PCCSP (Prisma Certified Cloud Security Professional) - Highly Desired*Cloud provider certifications (e.g., AWS Certified Security - Specialty, Azure Security Engineer Associate, Google Professional Cloud Security Engineer).*Experience integrating Prisma Cloud with CI/CD tools (e.g., Jenkins, GitLab, GitHub Actions).*Familiarity with container and Kubernetes security principles.*Excellent problem-solving and communication skills, with the ability to articulate complex security risks to technical and non-technical stakeholders.
Years of Experience:6-8
