The CloudSec Engineer

What Will You Get From This Book?

Actionable advice for Cloud Security Engineers at all stages of their career.

Focused on Cloud Security

While there are plenty of resources covering Software Engineering careers, Security Engineering (especially at Senior levels) doesn't have the same coverage. This book fills that gap.

Straight to the point

The book is designed to be a practical guide. It's not a theoretical book, but a manual to help you grow in your career, focusing on the most important aspects of the job.

Experienced author

The content of the book is informed by my own perspective after 13+ years of experience building security functions from the ground up at Fortune 500 companies, pre-IPO startups, and high-growth organizations.

A structured approach

This book will give you pointers to help you define the content of your learning plan, and how to structure it.

Self-contained chapters

The book is composed by five standalone parts. You can use The CloudSec Engineer as a manual that you can refer back to at every stage of your career.

Notion-based Toolkit

In addition to the book, in the Complete Package version you'll find additional custom templates to help you manage side projects, interview, brag documents, and more.

What's Inside

Part I: A Career in the Security Industry

Choosing a Career in Information Security
Cloud Security as a Career Path
Understanding Career Levels

Part II: Entering the Field

What Skills Do You Really Need?
Tips for Effective Learning
What Does It Mean To Be At This Stage
Working Towards the Next Stage

Part III: Establishing Yourself

The Essential Skills You Need To Learn
Tips for Effective Learning
What Does It Mean To Be At This Stage
Working Towards the Next Stage

Part IV: Thrive

The Skills You Need To Master To Be Well-Rounded
Tips for Effective Learning
What Does It Mean To Be At This Stage
Final Tips for a Long Career

Part V: Interviewing and Choosing Your Next Company

Pick Your Adventure
Where To Look for Jobs
Get Ready for Interviewing
Managing the Interview Process and Securing Offers

Bonus Content

Bonus #1: Side Projects Management
Bonus #2: Personalised Brag Document
Bonus #3: Reverse Interview Questions Bank
Bonus #4: Interview Management
Bonus #5: Offer Management

See more details for each chapter in the extended table of contents for the book.

Who This Book Is For

This is a book for anyone wishing to improve their career in the Cloud Security industry as an individual contributor.

People looking to enter the (Cloud) Security Industry

Have you ever felt unsure about what you need to know to land your first job, or what to expect once you get there? This book is for you. Part I & II

Security Engineers who want to grow towards a Senior role

This book is also for people who already have experience but want to do more. People who already have a few years of experience but feel stuck or frustrated about their progress. Part III

Experts who want to reach Technical Leadership roles

The book is also for expert engineers who wish to advance to Staff+ levels. We will see what it means to become a Staff+ Engineer in the Security industry, and what's expected of you. Part IV

Engineers who want to better prepare for interviewing for a Cloud Security Engineering role

Regardless of the level, the book is for people who want to better prepare for interviewing for a Cloud Security Engineering role, landing a job at a prestigious company, or get to a better salary in less time. Part V

Book Reviews

Essential Reading for Aspiring Cloud Security Engineers

"As someone transitioning into cloud security from a general cybersecurity role, I found The CloudSec Engineer to be an incredibly valuable resource. The book recommendations are spot-on, covering everything from AWS security fundamentals to advanced topics like IAM hardening and incident response. The structured approach makes it easy to follow, and I appreciate the real-world insights on certifications and career progression. If you're serious about cloud security, this is a must-read!"

Greg

Cloud Security Engineer

Well-Curated & Up-to-Date for Seasoned Professionals

"I've been working in cloud security for several years, and I always recommend The CloudSec Engineer to new hires. Unlike other books, it focuses on practical, high-quality resources that align with real-world job requirements. Even as an experienced engineer, I found new gems to add to my reading list."

Jack

Staff Security Engineer

Great for Hiring Managers & Building a Cloud Security Team

"As a hiring manager, I often get asked for learning recommendations by team members and candidates looking to break into cloud security. The CloudSec Engineer aligns well with what we look for in skilled engineers, and the breakdown by skill level is helpful for both beginners and experienced professionals. If you're building a security program, this book can help guide learning paths for your team."

Helen

Security Program Manager

Exceptionally thorough and detailed

"Very thorough and complete instead of being high level which a lot of books tend to do. Packed with references, which makes it a valuable resource to revisit again and again."

Eimantas

Cloud Security Engineer

The book I wish I had my first day at the job

"The CloudSec Engineer is the book I wish I had my first day at the job. The book is a treasure trove of information, and I've found myself referencing it multiple times already."

Anya

Cloud Security Engineer

Pricing

Book licenses are for personal use. See team pricing here

Book Only

$30

PDF & EPUB format
Over 250 pages of content
Lifetime updates
5 tailored Notion templates (Side Projects Management, Personalised Brag Document, Reverse Interview Questions Bank, Interview Management, Offer Management)

BUY NOW

View team pricing

RECOMMENDED

Complete Package

$40

PDF & EPUB format
Over 250 pages of content
Lifetime updates
5 tailored Notion templates (Side Projects Management, Personalised Brag Document, Reverse Interview Questions Bank, Interview Management, Offer Management)

BUY NOW

Frequently Asked Questions

Why write this book?

While there are plenty of resources covering Software Engineering careers, Security Engineering (especially at Senior levels) doesn't have the same coverage.
That's why, with over a decade of experience in the field, I wanted to share my practical advice to help others, whether they're just starting out or are aiming for technical leadership roles.

Can I share this book with a group? What if I want to buy a copy of the book for my whole team?

If you purchase an individual license, please respect the terms, and do not distribute to others.

If you are interested in a group license, on the ebook's checkout page you can find options for team licenses:

2-10 people: $260
11-60 people: $1,315
61-100 people: $2,100
>100 people: contact me at [email protected]

How can I report an issue or error?

Please use this form to give feedback and report issues: https://feedback.cloudsecbooks.com

I have a different question

Send me a message at [email protected] and I'll get back to you.

What formats are available?

The book is available in PDF, and EPUB.
You can download all formats after purchase. All copies are DRM-free.

Is there a Kindle version?

Although I recommend the PDF version for the best reading experience, you can convert the EPUB version to Kindle format.
You can send the EPUB version to Kindle by Amazon's "Send to Kindle" tool at amazon.com/sendtokindle.

Is there a printed version?

Not for now. The book contains over a thousand links and references (1124, to be precise), and it would be hard to follow on paper.

Can I get an invoice?

After purchasing the book, you can generate an invoice from Lemon Squeezy. You only have to fill in your billing information to download the invoice instantly.

What is the refund policy?

I want to make sure you're happy with the purchase. If you are not happy, within 7 days of purchase, send an email to [email protected] with subject "Refund" and the reason, and you'll get a full refund.

About The Author

👋 My name is Marco Lancini and I am a Director of Security and Certified Chief Information Security Officer (C|CISO).

I curate CloudSecList, a newsletter that keeps thousands of security professionals informed about current happenings and news related to the security of cloud-native technologies, and CloudSecDocs, a website collecting and sharing my technical notes and knowledge on cloud-native technologies, security, technical leadership, and engineering culture. I also write about cloud security, technical leadership, and security strategy.

I served on the committee that created the Certified Kubernetes Security Specialist (CKS) certification, worked as a maintainer of Cartography (a CNCF-incubated security tool), and presented research at top-tier security conferences including Black Hat, KubeCon, OWASP AppSec, DEEPSEC, BSides, ACSAC, CCS, and NATO's CYCON. I mentor young professionals through the Lead the Future program, a non-profit helping Italian talents pursue STEM careers.

I hold a Master's Degree in Engineering of Computing Systems, and international certifications such as C|CISO, CISSP, CCSP, CKS, AWS CSA, AWS SCS, GCP Associate Cloud Engineer, GCP Professional Cloud Security Engineer, Microsoft Certified Azure Fundamentals, HashiCorp Infrastructure Automation & Security Automation Certifications (Terraform & Vault), and OSCP.

The CloudSec Engineer is informed by my experience building security functions from the ground up at Fortune 500 companies (like Mastercard), pre-IPO startups (like GitLab), and high-growth organizations (like Thought Machine and Lakera).

You can follow me on Twitter and Linkedin, or read more about me at marcolancini.it.