Security Baseline Engineer (Cloud Security / GRC)

Locations: Las Colinas, TX | Charlotte, NC | Chandler, AZ
Contract (6+ months) – Potential to Convert

Overview

Seeking a hands-on Security Configuration Baseline Engineer to design and implement secure configuration baselines across cloud environments. This role blends cloud security, GRC, and automation, translating policies and industry standards into enforceable, scalable controls.

Key Responsibilities

• Build and maintain baseline-as-code for cloud security controls

• Translate NIST, CIS, and policy requirements into technical configurations

• Implement guardrails, drift detection, and compliance monitoring

• Develop automation using Python and Infrastructure as Code (Terraform)

• Support audit readiness, reporting, and governance workflows

Required Qualifications

• 5+ years cloud security / security engineering

• 3+ years risk & controls / governance

• 3–5 years Cloud Security Posture Management (CSPM)

• 2–4 years Python scripting

• Experience with Azure and/or GCP, IaC, and policy-as-code

• Knowledge of NIST, CIS, ISO frameworks

• Experience in regulated environments

Nice to Have

• CI/CD security integration

• Baseline-as-code program experience

• Audit or regulatory exposure

Risk Technology Analyst 

Location:  Chandler, AZ
Duration:  12 Month Contract
Pay:  $55/hr W2

W2 ONLY, NO C2C

Required Skills:

• Configure, maintain, and optimize GRC platforms, with a preference for OpenPages experience
• Apply pre deterministic and generative AI techniques to support analysis, insights, and predictive risk modeling
• Support GRC processes, including control testing, issue management, and compliance monitoring
• Ensure alignment with key industry standards, including NIST, CRI, and OWASP frameworks
• Apply strong cybersecurity and risk management knowledge to assess threats, identify gaps, and recommend mitigation strategies
• Participate in functional, data validation, and regression testing to validate system enhancements and defect fixes
• Engage in the application development lifecycle (SDLC) by reviewing requirements, testing changes, and supporting production readiness
• Conduct thorough problem resolution and root cause analysis to address system or process issues
• Provide consultative guidance to business and technical partners on risk, controls, and tool usage
• Deliver clear, concise communications and presentations to leadership and cross functional audiences

Desired Job Qualifications:

• Experience configuring IBM OpenPages
• Comfortable with pre deterministic and generative AI analysis
• Hands on Governance, Risk, and Compliance (GRC) experience
• Strong understanding of industry security standards such as NIST, ISO, CRI, and OWASP
• Solid cybersecurity knowledge across frameworks and control domains
• Demonstrated expertise in risk management practices and methodologies
• Experience performing functional, data validation, and regression testing
• Familiarity with the application development lifecycle (SDLC)
• Proven ability in problem resolution and conducting root cause analysis
• Strong consulting skills, including the ability to guide stakeholders and drive outcomes
• Excellent communication and presentation skills