Senior Cloud Security Engineer

Job Description

Job Summary

Key Responsibilities

• Design, implement, and manage **secure cloud architectures** across AWS environments.
• Lead **DevSecOps initiatives**, integrating security across CI/CD pipelines and development workflows.
• Architect and deploy **automated security solutions (SOAR, SIEM integrations)** for threat detection and remediation.
• Manage **IAM, PAM, and identity federation systems** including AWS IAM Identity Center and third-party IdPs.
• Develop and maintain **Infrastructure as Code (IaC)** using Terraform, CloudFormation, and Ansible.
• Build and optimize **CI/CD pipelines** using tools such as GitLab CI/CD and Jenkins.
• Implement **incident response frameworks** and automate remediation workflows using AWS services (Lambda, Step Functions).
• Ensure **cloud compliance and governance** aligned with standards such as NIST, CIS, and FedRAMP.
• Manage and secure **containerized environments** (Docker, Kubernetes, EKS).
• Oversee **vulnerability management and endpoint security** using tools like CrowdStrike, Qualys, Wiz, etc.
• Design and implement **disaster recovery and business continuity strategies** across multi-region architectures.
• Monitor systems using **observability tools** like Splunk, Prometheus, Grafana, and Datadog.
• Secure networking architecture including **VPCs, VPNs, Transit Gateway, and PrivateLink**.
• Automate operational and security processes using **Python, Bash, and PowerShell scripting**.
• Conduct **security assessments, audits, and risk mitigation strategies**.
• Mentor junior engineers and collaborate cross-functionally with DevOps, Security, and Engineering teams.

Cloud & Devops

• Strong hands-on experience with **AWS (core services, security, networking, compute)**
• Experience with **Azure and/or multi-cloud environments** is a plus
• Expertise in **CI/CD, GitOps, and automation pipelines**

Security

• Strong understanding of **cloud security frameworks and best practices**
• Hands-on experience with **SIEM (Splunk), SOAR, EDR, CSPM tools**
• Knowledge of **IAM, encryption (KMS), secrets management, and network security**

Infrastructure & Automation

• Proficiency in **Terraform, CloudFormation, Ansible**
• Experience with **containerization & orchestration (Docker, Kubernetes, EKS)**
• Strong scripting skills (**Python, Bash, PowerShell**)

Monitoring & Operations

• Experience with **logging, monitoring, and alerting systems**
• Strong troubleshooting and incident response capabilities

Preferred Qualifications

• **AWS Certified Solutions Architect – Professional**
• **AWS Certified Security – Specialty**
• Experience with **FedRAMP, NIST, CIS compliance frameworks**
• Exposure to **AI/ML security practices** is an advantage