Cloud Security Engineer

• →

  Design and implement AWS security architectures aligned with compliance and industry best practices

• →

  Assess cloud security risks, enforce security policies, and support audits across AWS environments

• →

  Manage AWS IAM, Organizations, and Control Tower to enforce least privilege and role-based access controls

• →

  Deploy and manage AWS-native security services (Security Hub, GuardDuty, Macie, Inspector, WAF, Shield)

• →

  Configure and maintain encryption solutions (AWS KMS, CloudHSM, ACM, Secrets Manager)

• →

  Integrate AWS logging and monitoring (CloudTrail, CloudWatch, Config) with SIEM platforms for threat detection

• →

  Secure networks via AWS VPCs, Security Groups, ACLs, and PrivateLink

• →

  Work with DevOps to embed security in CI/CD pipelines using AWS-native and third-party tools

• →

  Automate security with Terraform, CloudFormation, and scripting (Python, Bash, PowerShell)

• →

  Apply container and Kubernetes security practices for AWS EKS, ECS, and Fargate environments

• →

  Conduct vulnerability assessments, penetration testing, and remediation in AWS environments

• →

  Drive compliance with CIS AWS Benchmarks, NIST, ISO 27001, SOC2, PCI-DSS, and HIPAA frameworks

• →

  Develop and test incident response and disaster recovery plans for cloud systems

• →

  Train internal teams on cloud security risks, controls, and emerging best practices

• 10+ years of IT/security experience with 4+ years focused on AWS cloud security

• Hands-on expertise securing AWS services (IAM, VPC, EC2, S3, RDS, Lambda, EKS, ECS, Fargate, CloudFront, Route 53)

• Strong knowledge of AWS-native security tools (GuardDuty, Security Hub, Macie, Inspector, WAF, Shield, CloudTrail, CloudWatch)

• Proficiency in encryption and key management using AWS KMS, CloudHSM, and ACM

• Experience with IaC and automation (Terraform, CloudFormation, Python, Bash, PowerShell)

• Skilled in container and serverless security (EKS, ECS, Fargate, Lambda)

• Knowledge of Zero Trust, identity federation, and RBAC in AWS environments

• Experience with vulnerability scanning, penetration testing, and audit readiness in cloud environments

• Familiarity with SIEM and SOAR tools, incident response, and forensic analysis in AWS

• Experience with multi-cloud environments (Azure, GCP) is a plus

• AWS Security Specialty or equivalent certifications preferred (CISSP, Solutions Architect, DevOps Engineer)

• Strong problem-solving mindset with the ability to act proactively in fast-paced environments

• Excellent communicator, able to explain security concepts to technical and business stakeholders

• Team-oriented collaborator who integrates security seamlessly into DevOps and engineering workflows

• Dedicated to continuous learning, with a passion for emerging security technologies and threats

• Ethical and business-minded, balancing security best practices with operational needs

• Bachelor’s degree in Computer Science, Cybersecurity, or related field preferred

• Professional certifications such as CISSP, AWS Security Specialty, or equivalent strongly preferred

• Proven track record of leading cloud security initiatives in regulated industries

Ready to safeguard critical cloud platforms and lead the way in AWS security? Apply today and help us build secure, scalable, and compliant digital experiences.

#SJ