AWS Cloud security Engineer

The SaaS Security Operations Team is crucial to safeguarding the security and operational efficiency of our SaaS organization. We are seeking a dynamic professional to join our international SecOps team as an AWS Cloud Security Engineer. You will be one of the guardians of our software value, playing a meaningful role in identifying and addressing potential security threats through advanced threat modeling and conducting thorough penetration testing across our AWS-native systems, web applications, and APIs. This role will be pivotal in proactively safeguarding our cloud perimeter and continuously enhancing our security posture.

Experience required - 5+ years

Proactive in your day-to-day work and engaged with multiple teams, you are a strong team player and creative problem solver who can work with multi-cultural, dispersed technical teams and contribute to the success of our solutions by:

Performing Threat Modeling using frameworks like STRIDE to identify, prioritize, and mitigate potential security risks within our AWS cloud architecture and SaaS applications.

Collaborating closely with development, DevOps, and infrastructure teams to integrate threat modeling into the design and development lifecycle of cloud- native solutions.

Conducting hands-on penetration testing specifically focused on web applications and APIs deployed within AWS environments, to uncover vulnerabilities and exploit paths.

Analyzing vulnerabilities reported from automated security tools (e.g., SAST, DAST, cloud security posture management tools) or third parties to assess their exploitability and potential impact on our AWS infrastructure and applications.

Supporting the resolution of security incidents, including Root Cause Analysis (RCA), containment, and recovery, in collaboration with the wider security organization and AWS incident response best practices.

Creating and maintaining a library of test cases and attack simulations specifically tailored for AWS cloud environments, web applications, and APIs for continuous testing.

Your qualifications

We would like to hear from you if you have an engineering degree or equivalent, and have successful experience in the field of cybersecurity, particularly within AWS cloud environments:

You have proven experience in offensive security, penetration testing, or ethical hacking, with a strong focus on web applications and APIs.

You have a strong background in performing STRIDE or other threat modeling methodologies, ideally applied to cloud-native architecture.

You have demonstrated the ability to uncover vulnerabilities in complex applications and infrastructures, with specific experience in AWS services and configurations.

You are proficient in penetration testing tools like Burp Suite, Metasploit, Nessus, Nmap, and have experience with tools relevant for cloud security assessments.

You have knowledge of scripting languages such as Python, Bash, or PowerShell for creating test scenarios, automation, and custom tools, especially for interacting with AWS APIs.

Strong understanding of AWS security services (e.g., IAM, Security Groups, NACLs, WAF, GuardDuty, CloudTrail, Config) and their practical application in securing cloud workloads.

Familiarity with common web applications and API security vulnerabilities (e.g., OWASP Top 10, API Security Top 10) and their exploitation/mitigation.

You can understand complex products, solutions, and issues within an AWS context and are able to report consistently, concisely, and effectively on our SaaS Security posture to the various stakeholders, allowing for management prioritization, investment, and reporting.

Must-have: We need candidates who already have experience in AWS Cloud

Security and Threat modeling.

Nice-to-have: Practical experience in performing penetration tests on APIs and

web applications.