​​cloud Engineering Consultant​

Cloud Engineering Consultant

At Thales, we know technology has the ability to make our world more secure, sustainable, and inclusive – and that it's all driven by human intelligence. Because it takes human intelligence to build and power the systems and solutions that people depend on every day. So we stay curious and make space for diverse points of view. We share what we know and we challenge what's possible. From manufacturing and engineering to cybersecurity and space, we're driving progress in some of the world's most important industries – and working together to build a future we can all trust.

The Cloud Engineering Consultant is an engineering role within our Cloud Security Practice, responsible for delivering cloud security assessments, greenfield builds, environment uplifts, and design validation across Azure, AWS, and GCP. This position is hands-on and execution-focused, ensuring client environments are delivered securely, at scale, and in alignment with industry frameworks.

Working closely with the Architecture team, working in a team/agile. This includes building secure landing zones, remediating configuration gaps, implementing IAM and encryption controls, and deploying monitoring and logging solutions. You will bridge the gap between high-level strategy and practical engineering delivery.

This role requires both strong technical depth and consulting presence. You will engage with client stakeholders to provide clear, value-based recommendations while driving technical execution to completion. As part of secured-by-design engagements, you will help clients realise measurable improvements in security posture and operational maturity.

As a Cloud Engineering Consultant, you are accountable for:

• Delivering cloud security assessments, greenfield builds, and environment uplifts across Azure, AWS, and GCP in alignment with client objectives.
• Working within agile delivery models (sprints, ticket-based workflows, backlog management) to implement solutions, remediate security findings, and contribute to engineering stories.
• Implementing and configuring Azure services such as Entra ID, Key Vault, Defender for Cloud, Microsoft Sentinel, Azure Policy, Azure Monitor/Log Analytics, and Azure Firewall.
• Implementing and configuring GCP services such as Cloud IAM, Cloud KMS, Security Command Center, Cloud Logging/Monitoring, VPC Service Controls, and Chronicle SIEM/SOAR.
• Implementing and configuring AWS services such as IAM, KMS, GuardDuty, Security Hub, CloudTrail, CloudWatch, Config, and VPC Security Groups/NACLs.
• Translating Cloud Security Architecture designs into secure, production-ready solutions, including validation of designs and ownership of implementation and delivery.
• Building and configuring secure landing zones, IAM models, encryption mechanisms, and logging/monitoring solutions.
• Supporting automation and repeatability through Infrastructure as Code (Terraform, Bicep, CloudFormation) and engineering best practices.
• Working directly with client stakeholders to implement architecture recommendations and ensure technical execution achieves measurable uplift.
• Collaborating with architecture teams to shape practical delivery approaches while contributing feedback into service catalogues and engineering patterns.
• Sharing knowledge with peers, mentoring junior engineers, and maintaining awareness of emerging cloud technologies, risks, and security controls.

To be successful in your role, you will have demonstrated and/or acquired the following knowledge and experience:

• Experience in designing and implementing cloud-native security services in Google Cloud (e.g., IAM, KMS, Security Command Center, VPC Service Controls, Chronicle) or AWS (e.g., IAM, KMS, GuardDuty, Security Hub, CloudTrail, Config).
• Experience in Microsoft Azure security services such as Entra ID, Key Vault, Defender for Cloud, Microsoft Sentinel, Azure Policy, and Azure Monitor/Log Analytics (advantageous).
• Relevant cloud certifications (e.g., AWS Security Specialty, GCP Professional Cloud Security Engineer, Azure Security Engineer Associate).
• Certifications or hands-on experience with cloud security tools such as Wiz, Tenable, Prisma Cloud, or Defender for Cloud Apps.
• Experience with Agile delivery practices (e.g., sprint planning, backlog grooming, stand-ups) and ITSM tools such as Jira, Confluence, and ServiceNow; ability to report on progress and collaborate effectively in agile teams.
• Strong written and verbal communication skills to clearly explain technical concepts, risks, and recommendations to both technical and business stakeholders.
• Minimum of 2 years' experience delivering cloud services in Google, AWS, or Microsoft environments, with exposure to regulated industries (Government, Financial Services, or Critical Infrastructure desirable).

Our Benefits

• Above market remuneration
• Flexible working options
• Paid Parental Leave and Veterans Leave
• Novated Lease options
• Family support through our partnership with Parents at Work
• Ongoing personal and professional development opportunities
• Sonder – Wellbeing & Support Partner

We encourage you to apply. After you have applied, you will receive an email acknowledging your application. We'll then provide a personalised experience for suitable applicants as we progress the selection and assessment process. Prior to being offered employment, you will need to complete pre-employment police checks.

As a Defence security clearance is required for this role, applicants must be Australian citizens and eligible to obtain and maintain an appropriate clearance.