Principal Public Cloud Security Engineer (Hybrid Schedule | Onsite in CO, NC, or MO)
The Select Group’s Telecommunications vertical is seeking a Principal Cloud Engineer to join our client’s fast-moving enterprise team. In this role, you will lead cloud security engineering and drive secure DevOps adoption across large-scale enterprise workloads as part of a newly established public cloud infrastructure division. This position goes beyond hands-on engineering. We’re looking for a strategic leader who can bridge technology, compliance, and business goals, shaping how cloud platforms are designed, secured, and operated.
This is an exciting opportunity to make a strategic impact, define cloud security standards from the ground up, and mentor cross-functional teams, all while helping build the foundation for a secure, scalable public cloud organization.
This role follows a four-day on-site hybrid schedule and is open only to candidates based near one of the following office locations: Englewood, CO; Charlotte, NC; or St. Louis, MO.

What You’ll Do

• Lead the design and implementation of secure, scalable GCP environments (IAM, encryption, network security).
• Develop automated guardrails and CI/CD security checks across pipelines and workloads.
• Deploy and tune cloud-native threat detection tools (GuardDuty, Security Hub, WAF, CloudTrail).
• Collaborate with DevOps, Infrastructure, and Compliance teams to align controls with PCI/SOC2/ISO frameworks.
• Drive secure-by-design architecture and mentor engineers on cloud security best practices.
• Contribute to cloud governance strategy and help shape enterprise standards.
• Learn and assist in secure GCP engineering as the team expands its multi-cloud footprint.

• 10–12+ years of total engineering experience, including 7–8+ in public cloud environments in either GCP OR AWS.
• 4+ years of AWS OR GCP security engineering experience (IAM, KMS, VPC).
• 3+ years in automation (Terraform/CloudFormation) and CI/CD integration.
• 2+ years of Python or similar scripting.
• Familiarity with SIEM/SOAR, container security, and compliance frameworks (PCI, SOC2, ISO).
• Strong communicator who can align engineering and compliance teams toward shared goals.
• AWS Security Specialty or GCP experience is a plus.

TSG is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
#LI-RA1