Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

The Cloud Security Engineer will be part of the Cloud Security team, operating at the core of the IT Security function.
The role involves working within a multidisciplinary team distributed between Porto and France, covering all topics related to Public Cloud Security.

Key Responsibilities

• Implement and enforce security controls (security perimeter, Identity and Access Management, data security) using various cloud security tools

• Ensure compliance with internal cloud security policies and standards

• Perform cloud security analyses and risk assessments

• Validate and review security architectures for critical cloud-based business projects

  The Cloud Security Engineer will be part of the Cloud Security team, operating at the core of the IT Security function.
  The role involves working within a multidisciplinary team distributed between Porto and France, covering all topics related to Public Cloud Security.

• Solid expertise in cloud platforms: strong proficiency in either GCP or Azure is mandatory; knowledge of both is considered an advantage

• Proven experience in designing and implementing secure cloud architectures, aligned with best practices, compliance requirements, and security frameworks

• Strong understanding of Identity and Access Management (IAM) principles and best practices (e.g. Least Privilege, RBAC)

• Experience conducting security assessments of PaaS services, including proof of concepts and delivery of risk mitigation recommendations

• Ability to define and implement governance controls using native cloud tools (e.g. Azure Policy, GCP Organization Policies); experience with third-party tools is a plus

• Competence in scripting and automation using tools such as Terraform, Git, Jenkins, and CI/CD pipelines, supporting Infrastructure as Code (IaC) approaches

• Awareness of current cloud security threats, trends, and technologies

Additional Assets (Nice to Have)

• Exposure to additional cloud providers, particularly AWS

• Scripting experience in Python

Professional Requirements

• Minimum of 5 years of experience in similar cloud security roles

• Strong work ethic and sense of responsibility

• High adaptability in complex and evolving technical environments

Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.