Cloud Security AI Test Automation Engineer

Cloud Security AI Test Automation Engineer at TD

We are seeking a detail-oriented Cloud Security AI Test Automation Engineer to join our team. This role focuses on automating and validating Compliance-as-Code (CaC) policies across multi-cloud environments, including GCP, Azure, and AWS. You will blend expertise in cloud security with advanced AI tools to enhance compliance, security, and test automation, ensuring continuous validation within these diverse cloud environments.

Job Responsibilities

Automated Testing for Cloud Policies

• Design, develop, implement, and maintain AI-driven automated test frameworks for the behavior of existing Compliance-as-Code policies across cloud environments (GCP/AWS/Azure) in alignment with banking regulations.
• Implement AI-driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations, to simulate and test policies effectively.
• Utilize Azure AI Search, Azure OpenAI, and Azure Machine Learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps.
• Develop comprehensive positive, negative, and edge exception test cases to validate policy enforcement logic. Maintain a test suite library and ensure traceability between compliance requirements, validation cases, and artifacts.
• Collaborate with CaC policy developers, security architects, and Cloud Service Owners to understand intended behavior and failure conditions.

Continuous Testing & CI/CD Integration

• Integrate AI-assisted compliance validation into CI/CD pipelines (GitHub Actions, GitHub Workflows) using GitHub Copilot for scripting efficiencies and M365 Copilot Studio for creating streamlined policy validation templates.
• Automate security scanning and validation of Terraform deployments with Python.
• Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.

Cloud Security and Regulatory Compliance Enforcement

• Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.
• Validate cloud resource configurations against financial industry standards (NIST, ISO 27001, SOC 2).

Reporting & Audit Readiness

• Implement and test logging and monitoring solutions to detect compliance violations in real time.
• Automate and validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, and AppOmni.
• Ensure that all TD Standards & STIG requirements for IaaS, PaaS, SaaS CaC development and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.

Job Requirements

• University or post-graduate degree in Computer Engineering, Software Engineering, Computer Science, or Data Science (BS/MS).
• 7+ years relevant experience.
• 4+ years in Cloud Security, DevSecOps, AI, or Cloud Engineering roles.
• Strong knowledge of GCP, Azure, and AWS.
• Cloud infrastructure as code: Experience with Terraform, Helm, ARM, JSON, YAML, REGO.
• Compliance as Code (CaC): Hands-on experience with HashiCorp Sentinel, Azure Policy, Wiz Policy, GCP Org Policy, and Open Policy Agent, Kubernetes.
• CI/CD Pipelines: Experience with GitHub Actions, Jenkins, Terraform, HashiCorp Vault, Nexus.
• AI Tools: Experience with Azure Open AI, Azure Content Safety, Azure Foundry, Azure AI Builder, GitHub Copilot, M365 Copilot Studio, and AML.
• Scripting and Automation: Proficiency in Python, Bash, PowerShell, and automated testing frameworks.
• Cloud Security & Compliance: Understanding of CIS benchmarks, NIST standards, and security frameworks.

Other Skills & Assets

• Azure Fundamentals certification, Azure Security Engineer Associate, GCP Fundamentals certification.
• Experience with multi-cloud security testing (GCP, Azure, AWS).
• Experience with Container security and Kubernetes policy enforcement.

Why Join Us?

• Work on cutting-edge AI-driven cloud security and compliance automation.
• Be part of a DevSecOps-driven culture with CI/CD integrated security testing.
• Collaborate with global teams to secure multi-cloud environments.

Key skills/competency

• Cloud Security
• AI Test Automation
• Compliance-as-Code (CaC)
• GCP, Azure, AWS
• DevSecOps
• CI/CD Pipelines
• Python Scripting
• Regulatory Compliance
• Terraform
• Kubernetes