Cloud Security Engineer

Primary Responsibilities:

• Designs and implements comprehensive security architectures for AWS cloud environments, including multi-account strategies, network security, and data protection mechanisms.
• Configures and manages AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, WAF, and Shield to maintain continuous security monitoring and threat detection.
• Integrates security controls into CI/CD pipelines across Jenkins, and BitBucket, implementing SAST, DAST, SCA, and secrets scanning to enable shift-left security practices.
• Partners with development teams to embed security throughout the software development lifecycle, providing guidance on secure coding practices, threat modeling, and vulnerability remediation.
• Implements and maintains container security for ECS and Kubernetes (EKS) environments, including image scanning, runtime security monitoring, RBAC configuration, and network policy enforcement.
• Develops and enforces Infrastructure as Code (IaC) security standards for Terraform and CloudFormation, including policy-as-code implementation, state file protection, and automated security scanning.
• Designs and implements authentication and authorization solutions using OAuth , OIDC, and SAML, following Zero Trust principles and least-privilege access models.
• Establishes and supports security champion programs within development teams, providing training, resources, and guidance to promote security awareness and best practices.
• Conducts security assessments, vulnerability management, and penetration testing coordination to identify and remediate security risks across cloud infrastructure and applications.
• Responds to security incidents, conducts forensic analysis, and develops automated remediation runbooks to improve incident response capabilities.
• Integrates and manages SIEM and logging solutions for security event correlation, threat detection, and compliance reporting.
• Collaborates with DevOps, development, IT, and compliance teams to ensure security requirements are met while enabling business objectives and maintaining operational efficiency.
• Mentors junior security engineers, conducts architecture reviews, and contributes to the development of security policies, standards, and procedures.
• Stays current with emerging cloud security threats, vulnerabilities, and best practices, recommending and implementing security improvements to strengthen the organization's security posture.
• Any additional duties assigned by management.

Requirements for Success:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field, or equivalent work experience.
• At least 3-5 years of experience in information security with a strong focus on cloud security.
• Demonstrated hands-on experience with AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, and WAF.
• Experience designing and implementing security controls in AWS cloud environments.
• Proven experience integrating security into CI/CD pipelines using tools such as Jenkins, BitBucket.
• AWS Certified Security – Specialty certification required or must be able to obtain within 12 months.
• Strong experience with container composition, runtime environments (ECS, EKS) and container security.
• Working knowledge of Infrastructure as Code tools (Terraform, CloudFormation) or ability to learn.
• Experience with authentication and authorization protocols including OAuth, OIDC, SAML, and SSO implementations.
• Strong experience with Entra ID including conditional access policies, application registrations and RBAC.
• Experience with Azure B2C.
• Demonstrated experience with code scanning tools, web application firewalls, and vulnerability management.
• Strong understanding of DevSecOps principles and shift-left security practices.
• CISSP or equivalent security certification preferred.
• Strong communication and leadership skills with the ability to explain technical security concepts to both technical and non-technical audiences.
• Strong attention to detail and accuracy.
• Ability to work collaboratively across teams and build strong relationships with developers, operations teams, and business stakeholders.

#HO

#LI-TH1