Cyber Security/ Cloud Security Engineer - US

Required Qualications

• Minimum 2–3 years of hands-on experience designing, deploying, and managing AWS infrastructure using services such as EC2, S3, IAM, Lambda, and CloudFormation.
• Practical understanding of securing cloud-native applications and infrastructure, including identity and access management, encryption, network security, and threat detection in AWS.
• Solid grasp of core cybersecurity principles including defense-in-depth, least privilege, and secure authentication/authorization mechanisms.
• Familiarity with OWASP Top 10 vulnerabilities and mitigation strategies, especially in the context of cloud-native and containerized applications.
• Working knowledge of regulatory and industry standards such as NIST 800-53, PCI-DSS, SOX, and how they apply to cloud environments.
• Ability to articulate differences between cloud-native and traditional on-premises architectures, including scalability, security, and operational models.
• Experience using AWS-native security tools such as IAM, KMS, GuardDuty, Config, CloudTrail, and WAF to secure workloads.
• Demonstrated experience integrating security tooling (e.g., SAST, SCA, IaC scanning) into CI/CD workflows (i.e. GitLab Pipelines, GitHub Actions, etc.).
• Working knowledge of Cloud-Native Application Protection Platforms (CNAPP) and Cloud Security Posture Management (CSPM) tools such as Wiz, Orca, Prisma Cloud, or AWS-native equivalents, with experience in integrating and operationalizing them in cloud environments.
• Experience working in Agile teams, participating in sprint planning, retrospectives, and iterative development cycles.
• Proficiency in at least one scripting language (e.g., Python, Bash, JavaScript, Go) for automation, tooling integration, and pipeline customization.
• Strong documentation skills with a focus on clarity, reproducibility, and auditability of security controls and engineering work.
• Proven ability to work independently, manage priorities, and follow through on tasks with minimal supervision.
• Familiarity with change management processes in cloud environments, including documenting, reviewing, and implementing changes in accordance with organizational policies and compliance requirements.

Preferred/ Nice to Have

• Experience with AWS Identity Center, Security Hub, Secrets Manager, KMS, Certificate Manager, and Inspector for centralized security management and threat detection.
• Familiarity with analyzing logs from AWS CloudTrail, VPC Flow Logs, and other sources to investigate security events and vulnerabilities.
• Applied experience in automating security workflows and orchestrating responses using tools like AWS Lambda, Step Functions, or third-party platforms.
• Hands-on experience implementing controls to meet compliance requirements and participating in audits or assessments.
• Experience integrating security alerts or vulnerability data into ServiceNow for ticketing and workflow automation.
• Understanding of Configuration Management Databases and experience integrating cloud asset data into CMDB systems for visibility and governance.