Cloud Security Engineer

• Design, deploy, and maintain secure cloud infrastructure on AWS
• Specialize in the creation of security automation solutions and integrations between security tools
• Design and implement automated security workflows
• Create custom integrations between security tools
• Develop solutions that enhance security posture while reducing manual overhead
• Perform standard cloud engineering duties including infrastructure provisioning, system administration, performance optimization, and troubleshooting across AWS services
• Design and develop custom automation solutions for security processes using Python, Go, or PowerShell
• Create automated workflows for vulnerability management, compliance checking, and incident response
• Build serverless automation solutions using AWS Lambda, Step Functions, and EventBridge
• Develop custom scripts and tools to automate repetitive security tasks and processes
• Design and implement integrations between security tools (SIEM, vulnerability scanners, endpoint protection, etc.)
• Create API integrations and data pipelines between security platforms and AWS services
• Develop custom connectors and webhooks for security tool orchestration
• Implement single sign-on (SSO) and identity federation across security platforms
• Design, deploy, and maintain AWS cloud infrastructure using Infrastructure as Code (Terraform, CloudFormation)
• Manage and optimize AWS services including EC2, VPC, RDS, S3, Lambda, and container services
• Perform system administration tasks, performance tuning, and capacity planning
• Troubleshoot infrastructure issues and provide technical support for cloud environments
• Implement automated security monitoring using AWS CloudWatch, GuardDuty, and Security Hub
• Develop automated incident response playbooks and orchestration workflows
• Create custom alerting and notification systems for security events
• Build automated remediation solutions for common security findings and vulnerabilities
• Design secure cloud architectures and implement security best practices across AWS services
• Implement and maintain security controls including IAM policies, Security Groups, and encryption
• Conduct security assessments and implement automated compliance checking
• Develop and maintain security standards and documentation for cloud infrastructure

• Five (5) years' experience in cloud engineering, infrastructure automation, or security engineering with at least 3+ years focused on AWS cloud environments and security automation
• Ability to work in a fast-paced environment with changing priorities
• On-call availability for critical security incidents and infrastructure issues
• Ability to travel 10% of the time
• Ability to clear required background check
• Strong experience with AWS services including EC2, VPC, RDS, S3, Lambda, ECS/EKS, CloudFormation, and Systems Manager
• Proficiency in Infrastructure as Code tools (Terraform, CloudFormation, AWS CDK)
• Experience with Linux and Windows system administration and troubleshooting
• Knowledge of networking concepts including VPCs, subnets, routing, load balancing, and DNS
• Experience with monitoring and logging solutions (CloudWatch, CloudTrail, AWS Config)
• Advanced programming skills in Python, Go, PowerShell, or similar languages for automation development
• Experience building serverless automation solutions using AWS Lambda, Step Functions, and EventBridge
• Strong API development and integration skills (REST, GraphQL, webhooks)
• Experience with automation frameworks and orchestration tools
• Knowledge of version control systems (Git) and collaborative development practices
• Experience integrating security tools through APIs, webhooks, and custom connectors
• Knowledge of SIEM platforms (Splunk, Elastic, AWS Security Hub) and their integration capabilities
• Experience with vulnerability management tools and automated scanning solutions
• Familiarity with endpoint protection platforms and their management interfaces
• Understanding of identity and access management systems and SSO integration
• Deep understanding of AWS security services (IAM, GuardDuty, Security Hub, Config, CloudTrail, WAF, KMS)
• Experience with AWS security best practices and Well-Architected Framework security pillar
• Knowledge of AWS compliance and governance tools (Organizations, Control Tower, Config Rules)
• Experience with secrets management (AWS Secrets Manager, Parameter Store, HashiCorp Vault)
• Understanding of security frameworks (NIST Cybersecurity Framework, CIS Controls, OWASP)
• Knowledge of regulatory requirements (SOC 2, PCI DSS, HIPAA, GDPR) and automated compliance
• Experience with vulnerability management and patch management processes
• Understanding of incident response procedures and automation opportunities
• Knowledge of threat modeling and risk assessment methodologies
• Experience with container technologies (Docker, ECS, EKS) and their security implications
• Understanding of network security concepts (firewalls, VPNs, encryption, PKI)
• Familiarity with data classification and data loss prevention concepts
• Experience with backup and disaster recovery planning and automation
• Team collaboration experience and ability to work across multiple technical teams
• Strong analytical and problem-solving skills for complex automation challenges
• Excellent written and verbal communication skills for technical documentation and stakeholder interaction
• Ability to translate business requirements into technical automation solutions
• Experience mentoring others on security automation and best practices
• One or more certifications including: AWS Certified Solutions Architect - Associate/Professional
• AWS Certified Security - Specialty
• AWS Certified DevOps Engineer - Professional
• AWS Certified SysOps Administrator
• CISSP, Security+, or similar security certification

Bachelor's degree in computer science, information technology, cloud computing, or related field

• Health benefits
• Retirement contributions
• Paid time off
• Bonus eligibility