Senior Cloud Governance Engineer –Platform Engineering _ Charlotte, NC (Hybrid)

[khaza 3sbc]

Hello All,

Hope you are doing Great.

Please check the below JD and share the suitable profiles to md.k...@3sbc.com

Job Title: Senior Cloud Governance Engineer –Platform Engineering

Location: Charlotte, NC (Hybrid)

Duration: 1 year

Experience Level: Senior (8+ years)

 

Job Overview:

Senior Cloud Governance Engineer –Platform Engineering

We are building an enterprise-scale internal developer platform designed to eliminate infrastructurefriction. Our goal is to provide application teams with a seamless experience that balances speed andfl exibility with strict security, compliance, and cost governance.

As a Senior Cloud Governance Engineer, you will own the compliance and audit posture of our cloud platform.
You will ensure that the infrastructure we provision meets regulatory, security, and organizational standards — and that we can prove it. You will work closely with our platform architects and engineering teams to embed governance directly into our Terraform patterns, automate evidence collection, and maintain continuous audit readiness.

Key Responsibilities:

Compliance & Audit Readiness: Own the end-to-end compliance lifecycle for cloud infrastructure. Ensure environments are continuously aligned with organizational policies, regulatory frameworks (SOC 2, ISO 27001, NIST, CIS Benchmarks), and internal standards.
Policy-as-Code: Translate compliance requirements into enforceable Azure Policy definitions, Terraform validation rules, and automated guardrails that prevent non-compliant resources from being deployed.

Evidence Collection & Automation: Design and implement automated workflows for collecting, organizing, and presenting audit evidence. Reduce manual eff ort during audit cycles by building repeatable, auditable processes.

Terraform Pattern Governance: Review and provide guidance on infrastructure-as-code patterns to ensure they meet compliance, security, and operational standards. Propose required updates to existing Terraform modules when standards evolve.

Security Posture Management: Operate and optimize cloud security posture management(CSPM) tooling, primarily Wiz, to identify misconfigurations, prioritize risk, and drive remediation with engineering teams.
Monitoring & Reporting: Build and maintain compliance dashboards and workbooks using Azure Monitor and Azure Workbooks to provide real-time visibility into governance posture across subscriptions and environments.

AI-Powered Governance Tooling: Design and build AI/LLM-driven tools that accelerate governance workflows — such as automated control mapping, natural-language policy interpretation, intelligent evidence summarization, and anomaly detection across compliance data.

GRC Program Support: Maintain and operate governance, risk, and compliance (GRC)processes — including risk register management, control testing schedules, exception tracking, and remediation SLA monitoring. Ensure alignment between cloud infrastructure controls and enterprise GRC frameworks.

Cross-Functional Collaboration: Partner with platform architects, security teams, and application owners to interpret audit findings, recommend remediation paths, and ensure governance requirements are practical and achievable.

Required Skills & Experience:

GRC Fundamentals: Solid understanding of governance, risk, and compliance frameworks. Experience with risk assessment methodologies, control mapping, exception management, and working with GRC platforms (ServiceNow GRC, Archer, or similar).

IT Audit Experience: Hands-on participation in both internal and external IT audits — scoping controls, gathering evidence, responding to auditor inquiries, and driving remediation of findings to closure.

Cloud Compliance Expertise: Deep understanding of compliance frameworks (SOC 2, ISO27001, FedRAMP, NIST, CIS) and how they map to cloud infrastructure configurations and controls.

Azure Governance Tooling: Strong proficiency with Azure Policy, Azure Monitor, AZURE Workbooks, Microsoft Defender for Cloud, and Management Groups/Subscription governance patterns.

CSPM Tools (Wiz): Experience operating Wiz or comparable CSPM platforms (Prisma Cloud, Orca) for vulnerability detection, compliance scanning, and risk prioritization.

Infrastructure as Code (Terraform): Solid understanding of Terraform. You can read, review, and recommend changes to HCL modules to enforce compliance standards — not just flag violations after the fact.

Automation & Scripting: Ability to automate evidence collection and reporting workflows using scripting (Python, PowerShell, Bash) and Azure-native automation tools (Logic Apps, Azure Functions, Azure Automation).

AI/LLM Application Development: Experience building internal tools or workflows leveraging large language models — prompt engineering, RAG patterns, or agent-based automation applied to operational or compliance use cases.

Communication & Influence: You can translate technical audit findings into clear remediation guidance for engineering teams and articulate compliance posture to leadership and auditors.

Top 5 Must-Have Skills:

1. CSPM Tools

2. python

3. Azure Policy

4. Azure Monitor

5. AZURE Workbooks

Additional Skills:

Microsoft Defender for Cloud and Management Groups/Subscription governance patterns teams' compliance terraform azure solid python PowerShell bash communication leadership Nist control mapping

Thanks & Regards,

Md. Khazababu

Sr. Recruiter

3S Business Corporation
#16700 HOUSE HAHL RD BLDG 6B, Cypress, TX- 77433