Platform Operations Engineer II

3-5+ years of hands-on experience with AWS, with a strong focus on security best practices. Minimum of 4 years of experience managing and securing Linux systems. 2+ years of experience implementing security automation and integrating security tooling. 2+ years of experience with Python for automation and scripting in a security/DevSecOps context. Practical experience and comfortable using Git and automated workflows for developing code securely. Familiarity with web security best practices, including DNS, firewalls, secure APIs, and database security. Proven ability to secure cloud environments, including implementing and managing security controls, auditing, and monitoring. Exceptional written and verbal communication skills. Demonstrated ability to identify and address security challenges, delivering effective solutions through collaboration and leadership. Experience working in environments with complex compliance requirements (e.g., PCI-DSS, SOC 2, ISO27001) is preferred. Relevant AWS certifications (e.g., AWS Certified Security – Specialty) are preferred. Hands-on experience with WAFs and centralized logging stacks is preferred. Strong understanding of secure CI/CD practices and integrating compliance objectives into pipelines is preferred. Experience with Terraform or CloudFormation for managing secure infrastructure is preferred. Proven ability to mentor engineers and share security knowledge effectively is preferred. Understanding of container security and orchestration such as Docker, Kubernetes is preferred.

Drive and deliver security solutions across AWS cloud, container security (ECS/Kubernetes), CI/CD, and secure cloud-native architectures. Build and enhance security-related platform capabilities, involving CI/CD pipelines, infrastructure, reusable templates, and automation. Design and implement reusable patterns that promote security best practices and compliance across all engineering teams. Promote secure delivery practices by embedding security in the build and design phases. Work closely with SecOps, platform teams, and engineering teams, fostering knowledge sharing and ensuring alignment on security goals and solutions. Assess and improve existing security standards, practices, and controls. Develop automation strategies to enforce regulatory controls and ensure continuous compliance. Collaborate on incident monitoring and response, conduct Root Cause Analysis, and recommend measures for future mitigation. Utilize AWS cloud knowledge, Terraform, and Python to develop secure solutions. Deliver clear security updates, document solutions thoroughly, demo and communicate effectively with diverse stakeholders.