Urgent Requirement : Senior Cloud Governance Engineer –Platform Engineering, Charlotte, NC (Hybrid)

0 views

Skip to first unread message

Akshay 3SBC

unread,

1:06 PM (9 hours ago) 1:06 PM

Hi,

Hope you are doing well,

This is Akshay from 3SBC, Please go through the JD.

Job Title: Senior Cloud Governance Engineer –Platform Engineering

Location: Charlotte, NC (Hybrid)

Duration: Long Term

Rate: $55/hr. on C2C

Need 10Years Profile only

Job Overview

Senior Cloud Governance Engineer –Platform Engineering

We are building an enterprise-scale internal developer platform designed to eliminate infrastructure friction. Our goal is to provide application teams with a seamless experience that balances speed and flexibility with strict security, compliance, and cost governance.

As a Senior Cloud Governance Engineer, you will own the compliance and audit posture of our cloud platform.
You will ensure that the infrastructure we provision meets regulatory, security, and organizational standards — and that we can prove it. You will work closely with our platform architects and engineering teams to embed governance directly into our Terraform patterns, automate evidence collection, and maintain continuous audit readiness.

Key Responsibilities

Compliance & Audit Readiness: Own the end-to-end compliance lifecycle for cloud infrastructure. Ensure environments are continuously aligned with organizational policies, regulatory frameworks (SOC 2, ISO 27001, NIST, CIS Benchmarks), and internal standards.
Policy-as-Code: Translate compliance requirements into enforceable Azure Policy definitions, Terraform validation rules, and automated guardrails that prevent non-compliant resources from being deployed.

Evidence Collection & Automation: Design and implement automated work flows for collecting, organizing, and presenting audit evidence. Reduce manual eff ort during audit cycles by building repeatable, auditable processes.

Terraform Pattern Governance: Review and provide guidance on infrastructure-as-code patterns to ensure they meet compliance, security, and operational standards. Propose required updates to existing Terraform modules when standards evolve.

Security Posture Management: Operate and optimize cloud security posture management(CSPM) tooling, primarily Wiz, to identify misconfigurations, prioritize risk, and drive remediation with engineering teams.
Monitoring & Reporting: Build and maintain compliance dashboards and workbooks using Azure Monitor and Azure Workbooks to provide real-time visibility into governance posture across subscriptions and environments.

AI-Powered Governance Tooling: Design and build AI/LLM-driven tools that accelerate governance workflows — such as automated control mapping, natural-language policy interpretation, intelligent evidence summarization, and anomaly detection across compliance data.

GRC Program Support: Maintain and operate governance, risk, and compliance (GRC) processes — including risk register management, control testing schedules, exception tracking, and remediation SLA monitoring. Ensure alignment between cloud infrastructure controls and enterprise GRC frameworks.

Cross-Functional Collaboration: Partner with platform architects, security teams, and application owners to interpret audit findings, recommend remediation paths, and ensure governance requirements are practical and achievable.

Required Skills & Experience

GRC Fundamentals: Solid understanding of governance, risk, and compliance frameworks. Experience with risk assessment methodologies, control mapping, exception management, and working with GRC platforms (ServiceNow GRC, Archer, or similar).

IT Audit Experience: Hands-on participation in both internal and external IT audits — scoping controls, gathering evidence, responding to auditor inquiries, and driving remediation of findings to closure.

Cloud Compliance Expertise: Deep understanding of compliance frameworks (SOC 2, ISO27001, FedRAMP, NIST, CIS) and how they map to cloud infrastructure configurations and controls.

Azure Governance Tooling: Strong proficiency with Azure Policy, Azure Monitor, AZURE Workbooks, Microsoft Defender for Cloud, and Management Groups/Subscription governance patterns.

CSPM Tools (Wiz): Experience operating Wiz or comparable CSPM platforms (Prisma Cloud, Orca) for vulnerability detection, compliance scanning, and risk prioritization.

Infrastructure as Code (Terraform): Solid understanding of Terraform. You can read, review, and recommend changes to HCL modules to enforce compliance standards — not just flag violations after the fact.

Automation & Scripting: Ability to automate evidence collection and reporting workflows using scripting (Python, PowerShell, Bash) and Azure-native automation tools (Logic Apps, AZURE Functions, Azure Automation).

AI/LLM Application Development: Experience building internal tools or work flows leveraging large language models — prompt engineering, RAG patterns, or agent-based automation applied to operational or compliance use cases.

Communication & Influence: You can translate technical audit findings into clear remediation guidance for engineering teams and articulate compliance posture to leadership and auditors.

Top 5 Must-Have Skills

1. CSPM Tools

2. python

3. Azure Policy

4. Azure Monitor

5. Azure Workbooks

Additional Skills

Microsoft Defender for Cloud and Management Groups/Subscription governance patterns teams' compliance terraform azure solid python PowerShell bash communication leadership nist control mapping

Thanks and regards

Akshay Kumar

Sr. Recruiter

O: 281-823-9222 Ext:537 |E: dundangi.akshay@3sbc.com

Hangouts - Akshay3s...@gmail.com

LinkedIn ID : linkedin.com/in/akshay-kumar-ab61271b4

Lets Connect! An E-Verified Company

An E-Verified Company

To be removed from our mailing list reply with "rem...@3sbc.com" and include your "original email address/addresses" in the subject heading and mark CC "dundangi.akshay@3sbc.com " . Include complete address/addresses and/or domain to be removed. We will immediately update it accordingly. We apologize for the inconvenience if any caused.