Cloud Security Engineer

Trinity Capital Inc

Phoenix, AZ

JOB DETAILS
SKILLS
Acceptance Testing, Access Control, Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Applications Security, Artificial Intelligence (AI), Artificial Intelligence (AI) Programming Languages, Asset Management, Blueprints, Business Development, Change Management, Cloud Applications, Cloud Computing, Communication Skills, Computer Science, Computer Security, DNS (Domain Name System), Data Entry, Data Management, Data Modeling, Data Processing, Data Recovery, Disaster Recovery, Documentation, Email Management/Administration, Email Security, Endpoint Security, Enterprise Protection, Establish Priorities, Finance, Financial Services, Financial Systems, Firewalls, Hybrid Cloud, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information Technology & Information Systems, Information/Data Security (InfoSec), Internal Audit, Internet Security, Just in Time (JIT), Leadership, Legal, Lift/Move 20 Pounds, Loss Prevention, Mac Operating System, Machine Tool, Maintain Compliance, Management of Information Systems/Technology (MIS), Manufacturing Data Management, Microsoft Access Database, Microsoft Exchange Server, Microsoft Office, Microsoft Product Family, Microsoft SharePoint, Microsoft Windows Azure, Microsoft Windows Operating System, Modeling Languages, Monitor Regulations, Network Administration/Management, Network Architecture/Engineering, Network Security, Onboarding, Penetration Testing, Phishing, Physical Demands, Presentation/Verbal Skills, Private Cloud, Problem Solving Skills, Protective Services, Protocol Independent Multicast (PIM), Purchasing/Procurement, Regulations, Regulatory Compliance, Relationship Management, Remote Access, Risk, Risk Analysis, Sarbanes-Oxley Act (SOX), Securities and Exchange Commission (SEC), Security Analysis, Security Attacks, Security Auditing, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Single Sign-On (SSO), Software Engineering, Software as a Service (SaaS), Standard Operating Procedures (SOP), Team Player, Technical Leadership, Time Management, Typing, U.S. National Institute of Standards and Technology (NIST), Use Cases, VPN (Virtual Private Network), Vendor/Supplier Selection, Vulnerability Scanners, Web Client Plug-ins, Willing to Travel, Writing Skills
LOCATION
Phoenix, AZ
POSTED
3 days ago

Trinity Capital

Cloud Security Engineer

Trinity Capital Inc. (Nasdaq: TRIN) is an internally managed alternative asset manager that seeks to deliver consistent returns for investors through access to private credit markets. We are looking for an experienced Cloud Security professional to join our world-class team as a Cloud Security Engineer in Phoenix, Arizona. This is a high-impact role within a publicly traded organization, reporting to the Information Technology Manager and partnering with IT and business leadership to own and execute the firm's cloud security strategy. The Cloud Security Engineer will help build and maintain Trinity's security posture across Microsoft Azure, AWS, and multi-cloud environments while carrying meaningful ownership of data protection, AI governance, and regulatory compliance as a BDC subject to SEC oversight.

Job Description

The Cloud Security Engineer is a critical member of Trinity Capital's Information Technology team, responsible for designing, implementing, and maintaining the security posture of the company's cloud and hybrid infrastructure. This role owns cloud security across Microsoft Azure, AWS, and multi-cloud environments - protecting corporate data, financial systems, and regulated workloads from evolving cyber threats.

A key responsibility of this position is partnering with IT and business leadership on company-wide security strategy, including the governance and secure deployment of AI and large language model (LLM) tools across the organization. The Cloud Security Engineer will ensure that all AI platform usage meets Trinity's data protection standards and regulatory obligations as a publicly traded Business Development Company (BDC) subject to SEC oversight.

This full-time, exempt position reports to the Information Technology Manager and is based on-site at Trinity's headquarters in downtown Phoenix, AZ.

Duties and Responsibilities

Cloud Infrastructure Security

  • Design, deploy, and manage cloud security controls across Microsoft Azure, AWS, and multi-cloud environments, following a zero-trust architecture model
  • Administer and optimize Microsoft Entra ID (Azure AD), Conditional Access policies, Privileged Identity Management (PIM), and Defender for Cloud
  • Manage cloud-native security services including Microsoft Sentinel (SIEM/SOAR), Defender for Endpoint, Defender for Cloud Apps, and Azure Security Center
  • Maintain secure network architecture including virtual networks, NSGs, firewall rules, VPN gateways, and private endpoints across cloud environments
  • Oversee identity and access management (IAM) across Azure and AWS, enforcing least-privilege and just-in-time access principles
  • Monitor cloud workloads for misconfigurations, anomalous behavior, and threats using CSPM and CWPP tooling
  • Manage data loss prevention (DLP) policies across Microsoft 365, SharePoint, OneDrive, Teams, and connected SaaS platforms
  • Ensure cloud backups and disaster recovery configurations are operational and tested per business continuity requirements

Company-Wide Security Program

  • Serve as a primary driver of Trinity's enterprise-wide security posture, partnering with IT leadership to develop and maintain security strategy, roadmaps, and policies
  • Conduct regular security risk assessments, vulnerability scans, and penetration testing; prioritize remediation and report findings to IT management
  • Simulate cyberattacks and adversarial scenarios to identify gaps in existing defenses; develop and execute remediation and incident response plans
  • Own endpoint security across Windows and macOS devices managed via Microsoft Intune, including MAM/MDM policy enforcement for mobile platforms
  • Manage email security controls, anti-phishing policies, DKIM/DMARC/SPF, and Microsoft Defender for Office 365
  • Oversee security operations for SaaS platforms
  • Develop and maintain security documentation including blueprints, runbooks, incident response playbooks, and standard operating procedures
  • Administer identity security across all systems, including monitoring for credential exposure, lateral movement, and privilege escalation
  • Evaluate and recommend security vendors and tools; manage relationships and implement solutions in collaboration with external partners
  • Provide security awareness guidance and serve as a subject matter expert for colleagues across all business units

AI Platform Security & Governance

  • Own the security framework for Trinity's AI and LLM tool deployments, and any future AI platforms adopted by the organization
  • Define and enforce data classification and handling policies governing what information may be shared with AI tools, with particular attention to client-sensitive, and regulated data
  • Collaborate with IT and Compliance to build and maintain an AI usage governance program, including acceptable use policies, exclusion registries, and user training
  • Assess third-party AI tools during the procurement and onboarding process for data residency, model training opt-out, retention practices, and API security
  • Monitor AI platform integrations (SSO, API connectors, plugins) for access control gaps, data exfiltration risks, and configuration drift
  • Partner with business stakeholders to evaluate emerging AI use cases and provide security sign-off aligned with regulatory constraints
  • Stay current on evolving AI security risks, threat research, and regulatory guidance relevant to AI use in financial services environments

Compliance & Regulatory Requirements

  • Support SOX ITGC compliance by maintaining and evidencing controls over access management, change management, and system availability for in-scope financial systems
  • Uphold SEC regulatory obligations applicable to Trinity as a registered BDC and publicly traded company - including data protection, records retention, and cybersecurity incident disclosure requirements
  • Implement and maintain controls aligned with NIST Cybersecurity Framework (CSF) and ISO 27001 principles to support Trinity's ISMS program and audit readiness
  • Maintain evidence of security controls and audit trails to support SOX, SEC, and internal audit examinations; produce accurate status reports and findings documentation
  • Ensure all cloud and SaaS environments meet data residency, encryption, and access control requirements consistent with Trinity's regulatory obligations
  • Conduct proactive monitoring of regulatory developments in cloud security, AI governance, and financial services cybersecurity to anticipate and address emerging compliance requirements

Characteristics

  • Analytical mindset with a risk-based approach to security decision-making
  • Clear and concise written and verbal communication - able to explain complex security concepts to non-technical stakeholders
  • Strong problem-solving skills with the ability to balance security rigor against business agility
  • Collaborative across functional groups, including Finance, Legal, Compliance, and Operations
  • Highly adaptable; comfortable operating in a fast-paced, growth-oriented financial services environment
  • Positive attitude, strong work ethic, and a sense of ownership over outcomes
  • Excellent time management with the ability to manage competing priorities and maintain broad situational awareness

Desired Requirements

  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 7+ years of experience in information security, with at least 3 years focused on cloud security in Azure and/or AWS environments
  • Hands-on expertise with Microsoft Azure security services: Entra ID, Defender for Cloud, Microsoft Sentinel, Purview, Intune, and Conditional Access
  • Demonstrated experience securing Microsoft 365 environments (Exchange Online, SharePoint, Teams, OneDrive) and connected SaaS platforms
  • Solid understanding of AWS security fundamentals (IAM, Security Hub, GuardDuty, CloudTrail, SCPs) in a multi-cloud context
  • Experience supporting SOX ITGC audits and/or operating within SEC-regulated environments; familiarity with NIST CSF and ISO 27001
  • Working knowledge of network security fundamentals: firewalls, VPNs, NSGs, DNS, zero-trust network access (ZTNA), and secure remote access
  • Proven ability to conduct vulnerability assessments, penetration testing, and security risk analysis; experience with CVE triage and remediation workflows
  • Experience evaluating and governing third-party SaaS and AI platforms for security and compliance alignment
  • Excellent communication skills with a track record of translating security risks into business terms for leadership audiences

Physical Requirements

  • Ability to sit, stand, talk, utilize a computer, and read computer screens for extended periods of time
  • Reliable transportation with the ability to travel locally and nationally as needed
  • Maintain consistent, repetitive motion for data entry (typing/clicking)
  • Ability to lift up to 20 lbs.

Other

  • Minimal travel required (approximately 10%)

Trinity is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender expression, gender identity, or any other characteristic protected by law.

Apply Now

We strive to create a positive and collaborative work environment where creativity and innovation can thrive.

Name*

Email address*

Phone number*

Message

Upload Resume

Apply

About the Company

T

Trinity Capital Inc