AWS Cloud Security Engineer
12 Month Rolling Contract
Remote
We are looking for a Lead Cloud Security Engineer to join our team and help us protect our data in our cloud environment from cyber threat actors. You will be responsible for designing, implementing, and maintaining security solutions that align with our business objectives and industry best practices. You will also participate in a cross functional team with other cloud security engineers and collaborate with other stakeholders to ensure compliance, risk management, and incident response.
Responsibilities
- Review design and implement cloud security architectures and policies for AWS environments.
- Design and enforce policies for data access, retention, and deletions.
- Develop and enforce data protection and encryption strategies for cloud data and assets.
- Work closely with cross-functional teams to assess risk and deliver countermeasure that protect customers and company data.
- Establish and document repeatable processes that ensure proper use of the encryption, key management, data masking, and data labeling technologies in the cloud.
- Monitor and analyze cloud security events and data loss incidents and provide remediation guidance.
- Participate in cloud security assessments and audits and provide recommendations for improvement.
- Research and evaluate emerging cloud security trends and technologies for Data Protection and provide recommendations for adoption.
- Provide Cloud security technical guidance to a team of Data Protection engineers.
- Partner with Cloud platform teams (Azure, AWS, OCI, GCP) to design and implement security controls.
- Ensure compliance with data privacy regulations and standards.
- Ensure technical scripting and securing of the governance policy.
- Collaborate with the team to establish key performance indicators for AWS data protection events.
- Develop and maintain security standards and baselines to ensure controls and governance are implemented and updated dynamically at the speed of DevSecOps.
- Define the Minimum Security Baseline for use and implementation of services and applications with AWS that are adhere to specific identity and Access Management practices and security governance.
- Establish in reliable operation of controls and enable continuous and real-time auditing.
- Participate in AWS Security Immersion Days and contribute to the AWS Security Reference Architecture.
Qualifications
- At least 5 years of experience in cloud security, preferably in AWS
- Proficiency in data protection strategies for cloud storage, databases, and applications.
- Knowledge of AWS-specific data Protection tools and services.
- Ability to perform risk assessments and data protection audits.
- Analytical skills to assess data protection needs and compliance requirements.
- Strong knowledge of AWS security services and features, such as IAM, KMS, VPC, S3, CloudTrail, CloudFormation, etc.
- Strong knowledge of cloud security standards and frameworks, such as NIST, ISO, CSA, etc.
- Strong knowledge of data protection and encryption methods and technologies, such as AES, RSA, PKI, SSL/TLS, etc.
- Strong knowledge of cloud security threats and vulnerabilities, such as insider threat, misconfiguration, data leakage, etc.
- Strong knowledge of cloud security tools and solutions, such as AWS Inspector, GuardDuty, Macie, WAF, etc.
- Strong knowledge of Security Information and Event Management (SIEM) systems including creating and refining searches for alerting purposes.
- Strong knowledge of Data Lakes and knowledge of infrastructure as code.
- Hands on experience implementing security control in AWS environments.
- Certification such as AWS Certified Security Specialty is preferred.
