Cloud Engineer

We are seeking a mid-level AWS Cloud Security Engineer responsible for implementing and managing security measures within AWS cloud environments. The ideal candidate will have strong expertise in cloud security principles, coding, automation, and creating scalable security solutions. This role is crucial for ensuring the security, compliance, and efficiency of AWS infrastructure.

Key Responsibilities:

Security Implementation: Design and implement security best practices for AWS environments, focusing on security principles like least privilege, encryption, and network segmentation.

Automation: Develop automated security solutions and scripts using tools such as Python or Bash to streamline security processes.

Scalable Security Solutions: Create scalable security services that ensure AWS infrastructure remains secure as it grows.

Infrastructure as Code: Implement security policies and frameworks using Infrastructure as Code (IaC) tools such as AWS CloudFormation or Terraform.

Monitoring & Alerts: Set up security monitoring and alerting mechanisms to identify and mitigate security threats.

IAM Management: Manage and enforce Identity and Access Management (IAM) roles, ensuring proper access control policies are in place.

Collaboration: Work closely with DevOps and development teams to ensure security is integrated into the deployment and application lifecycle.

Key Requirements:

Experience: 5-12 years of hands-on experience in cloud security with a focus on AWS.

Security Knowledge: Strong understanding of cloud security principles, including identity management, encryption, and network security.

Coding & Automation: Proficiency in scripting and automation using Python, Bash, or similar languages.

AWS Services: Experience with AWS security tools such as GuardDuty, AWS Config, and AWS Security Hub.

Infrastructure as Code (IaC): Experience with CloudFormation, Terraform, or other IaC tools.

Preferred Qualifications:

Certifications: AWS Certified Security Specialty, AWS Certified Solutions Architect, or equivalent.

DevSecOps: Experience integrating security into CI/CD pipelines.

Container Security: Familiarity with container security (e.g., Docker, Kubernetes).