Job Description
Position Overview
We are seeking a highly capable and motivated Security Engineer to help secure our cloud infrastructure and applications across AWS and Azure. This role is ideal for someone with a strong foundation in software development, cloud security engineering, and automation. You will work closely with engineering and DevOps teams to review architectures, implement security controls, and build automation to support secure and efficient go-live processes.
Key Responsibilities
Security Engineering: Implement and maintain security controls in AWS and Azure environments, including IAM, encryption, logging, and monitoring.
Architecture Review Support: Participate in software and infrastructure architecture reviews to identify and mitigate security risks.
Automation Development: Build and maintain tools and scripts to automate go-live security reviews and integrate security checks into CI/CD pipelines.
Collaboration: Work closely with development, DevOps, and compliance teams to ensure security is embedded throughout the software delivery lifecycle.
Threat Modeling & Risk Assessment: Assist in conducting threat modeling and risk assessments for new and existing services.
Incident Response: Support incident response efforts by helping investigate and remediate cloud-related security issues.
Continuous Improvement: Contribute to the evolution of security standards, processes, and tooling.
Required Qualifications
5+ years of experience in security engineering or related roles.
Proficiency in at least one programming or scripting language (e.g., Python, Go, Java).
Hands-on experience with AWS and/or Azure security services.
Expertise with infrastructure-as-code/configuration-as-code tools (e.g., Terraform, CloudFormation, Bicep, Ansible, Puppet).
Familiarity with CI/CD pipelines and DevSecOps practices.
Strong understanding of cloud security fundamentals and best practices.
Excellent communication and collaboration skills.
Preferred Qualifications
Security certifications such as AWS Certified Security Specialty, Azure Security Engineer Associate, or equivalent.
Experience with container security (e.g., Kubernetes, EKS, AKS) and serverless architectures.
Knowledge of compliance frameworks (e.g., CJIS, SOC2, NIST800-53, ISO27002).
Exposure to security frameworks like NIST CSF, MITRE ATT&CK, or CSA CCM.
