Staff Cloud Security Engineer

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field. 5+ years of experience in cloud security, with a strong emphasis on designing, developing (primarily in Python and Go), and implementing security solutions in AWS. Proven hands-on software development experience, particularly in Python and Go, for security automation, building security tools, and infrastructure management. Demonstrable experience designing and implementing robust authorization and access control frameworks and Just-In-Time (JIT) access solutions. Experience with Infrastructure as Code (IaC) with deep proficiency in writing and maintaining Terraform modules for security. Experience with containerization (Docker, Kubernetes/EKS), including hands-on experience hardening containerized environments. Experience with SDLC security, CI/CD pipeline security integration, and secure software development practices. Experience with security logging, monitoring, alerting tools and scripting against their APIs (Python, Go). Experience with cloud security frameworks (especially HIPAA), regulations, and standards.

Design and implement a comprehensive authorization framework for cloud resources. Lead technical implementation of Just-In-Time (JIT) access control systems. Collaborate with engineering to integrate data classification with access control. Develop and maintain security automation scripts, tools, and services in Python or Go. Write clean, maintainable, and testable code for security automation. Implement and champion Infrastructure as Code (IaC) principles using Terraform. Contribute to the design and implementation of centralized security controls (e.g., WAF). Partner with engineering to establish secure practices for managing the development toolchain. Design and implement a secure mechanism for webhook testing in local development. Define, implement, and enforce container security hardening standards. Drive the remediation of legacy cloud environments, particularly in GCP. Design and implement solutions for granular data access control in cloud environments. Collaborate with teams to co-design and integrate automated security controls. Act as a subject matter expert on cloud security (AWS, GCP). Support organizational change management efforts related to new security controls. Conduct security assessments, threat modeling, and contribute to incident response. Develop and maintain documentation for security architectures and controls.