- Architect and implement secure AWS infrastructure patterns including IAM, VPC, KMS, EKS, Lambda, ECS/Fargate, S3, CloudTrail, and related services.
- Develop automation, tooling, and internal security services using Python or Go.
- Build cloud guardrails, AWS Config rules, SCPs, and automated remediation workflows.
- Design secure defaults and "paved roads" for engineering teams to follow best practices.
- Partner with Infra, SRE, and Application teams to design secure systems and APIs.
- Enhance least privilege policies for human and non-human identities through automation.
- Implement event-driven detections using CloudTrail, EventBridge, Lambda, and Step Functions.
- Threat model new services and provide actionable architectural guidance.
- Own key domains including secrets management, container security, and network segmentation.
- Contribute to documentation, playbooks, and reusable patterns to maintain high security standards.