Cloud Security Engineer

View full description

Requirements:

• 7+ years of experience in cloud security, DevSecOps, or application security, with a focus on AWS.
• Expert in AWS security services such as GuardDuty, Security Hub, Inspector, IAM, KMS, and AWS Organizations.
• Deep experience with Infrastructure as Code (IaC), including Terraform and CloudFormation, to enforce security at scale.
• Strong understanding of application security principles, including OWASP Top 10, SAST, DAST, and secure SDLC methodologies.
• Proficient in DevSecOps tooling, such as SAST, DAST, SCA, IAST, and container security scanning tools.
• Expert-level AWS knowledge: VPC design, IAM, KMS, EKS, Lambda, AWS Organizations.
• Experience securing APIs, microservices, and serverless functions, ensuring proper authentication and authorization.
• Proactive problem solver, able to diagnose security challenges across both cloud and application layers.
• Excellent communication and collaboration skills, allowing you to effectively advise engineering and product teams on security best practices.

Responsibilities:

• Design secure cloud and application architectures, ensuring security is embedded in both infrastructure and software development.
• Integrate security automation into CI/CD pipelines and enforcing secure coding practices.
• Work with engineering and product teams to proactively mitigate application security risks.
• Design and manage AWS multi-account environments, ensuring minimal attack surface and robust logging/monitoring.
• Implement AWS security best practices, leveraging services like GuardDuty, Security Hub, Inspector, and custom Lambda scripts for continuous threat detection.
• Develop secure IaC templates (Terraform/CloudFormation) to enforce consistent security configurations.
• Automate security controls to detect misconfigurations, vulnerabilities, and compliance violations (CIS, NIST, PCI-DSS).
• Integrate application security testing (SAST, DAST, SCA, IAST) into CI/CD pipelines to detect vulnerabilities early.
• Define secure coding guidelines and collaborate with engineering teams to ensure adherence.
• Conduct threat modeling and secure code reviews to proactively mitigate application security risks.
• Enforce API security best practices, including OAuth, JWT, rate limiting, and input validation.
• Work closely with the Senior Security Architect to align cloud and application security with overarching security standards.
• Partner with engineering, DevOps, and product teams to embed security into the SDLC and cloud infrastructure.
• Educate development teams on secure coding, application security testing, and cloud security best practices.