Sr Cloud Security Engineer
Sr Cloud Security Engineer
-Seeking a Sr Cloud Security Engineer who understand Security. Main focus is AWS and intimate knowledge of AWS containers
-check configurations, monitored deployed servers to keep security whole. Help set up and manage the Cloud Security Platform Management tool they are in process of selecting, identity management, single sign on DLP, sentinel, cyberark paas
-joining a team of 5
-this is a multicloud environment (Mostly AWS and some Azure)
Primary Responsibilities:
Requirements for Success:
Desired:
Working knowledge of Infrastructure as Code tools (Terraform, CloudFormation) or ability to learn.
AWS Certified Security Specialty certification required or must be able to obtain within 12 months.
CISSP or equivalent security certification preferred.
Experience with Azure B2C.
Benefits (employee contribution):
All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Rate of pay within the stated range will depend on the qualification of the applicant.
-Seeking a Sr Cloud Security Engineer who understand Security. Main focus is AWS and intimate knowledge of AWS containers
-check configurations, monitored deployed servers to keep security whole. Help set up and manage the Cloud Security Platform Management tool they are in process of selecting, identity management, single sign on DLP, sentinel, cyberark paas
-joining a team of 5
-this is a multicloud environment (Mostly AWS and some Azure)
Primary Responsibilities:
- Designs and implements comprehensive security architectures for AWS cloud environments, including multi-account strategies, network security, and data protection mechanisms.
- Configures and manages AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, WAF, and Shield to maintain continuous security monitoring and threat detection.
- Integrates security controls into CI/CD pipelines across Jenkins, and BitBucket, implementing SAST, DAST, SCA, and secrets scanning to enable shift-left security practices.
- Partners with development teams to embed security throughout the software development lifecycle, providing guidance on secure coding practices, threat modeling, and vulnerability remediation.
- Implements and maintains container security for ECS and Kubernetes (EKS) environments, including image scanning, runtime security monitoring, RBAC configuration, and network policy enforcement.
- Develops and enforces Infrastructure as Code (IaC) security standards for Terraform and CloudFormation, including policy-as-code implementation, state file protection, and automated security scanning.
- Designs and implements authentication and authorization solutions using OAuth , OIDC, and SAML, following Zero Trust principles and least-privilege access models.
- Establishes and supports security champion programs within development teams, providing training, resources, and guidance to promote security awareness and best practices.
- Conducts security assessments, vulnerability management, and penetration testing coordination to identify and remediate security risks across cloud infrastructure and applications.
- Responds to security incidents, conducts forensic analysis, and develops automated remediation runbooks to improve incident response capabilities.
- Integrates and manages SIEM and logging solutions for security event correlation, threat detection, and compliance reporting.
Requirements for Success:
- At least 7+years of experience in cloud engineering with a strong focus on cloud security.
- CNAPP (cloud Native Application protection platform) / CSPM (cloud security posture mgmt) tools for cloud posture, vulnerability management, and risk prioritization/WIZ exp
- Demonstrated hands-on experience with AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, and WAF.
- Experience designing and implementing security controls in AWS cloud environments.
- Proven experience integrating security into CI/CD pipelines using tools such as Jenkins, BitBucket.
- Securing Kubernetes workloads across build, deploy, and runtime...exp w Kubernetes security primitives (RBAC, NetworkPolicies, PodSecurity)
- Experience with authentication and authorization protocols including OAuth, OIDC, SAML, and SSO implementations.
Desired:
Working knowledge of Infrastructure as Code tools (Terraform, CloudFormation) or ability to learn.
AWS Certified Security Specialty certification required or must be able to obtain within 12 months.
CISSP or equivalent security certification preferred.
Experience with Azure B2C.
Benefits (employee contribution):
- Health insurance
- Health savings account
- Dental insurance
- Vision insurance
- Flexible spending accounts
- Life insurance
- Retirement plan
All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Rate of pay within the stated range will depend on the qualification of the applicant.
