Cloud Security Engineer

November 7

Apply Now

Description

• Job Summary: We are seeking a highly skilled Cloud Security Engineer to join our dynamic Security Operations team. • In this role, you will be responsible for managing the security of our AWS public cloud infrastructure and AWS cloud services. • You will play a crucial role in implementing and maintaining security controls to ensure compliance with FedRAMP and CMMC standards. • Responsibilities: AWS Security Management. • Oversee and manage the security posture of AWS cloud infrastructure, including EC2, S3, FSX, and other AWS services. • Implement and manage AWS security features and tools such as IAM, Security Groups, VPC, Control Tower, CloudTrail and AWS Security Hub. • SIEM Integration. • Work with SIEM solution provider in integrating security events from AWS CloudTrail, AWS Security Hub, or other AWS security services into the SIEM for event correlation and incident management purposes. • Vulnerability Management. • Conduct regular security assessments, audits, and vulnerability scans of AWS environments to identify and address potential risks. • Leverage AWS security advisory services and vulnerability scanning tools. • Compliance & Risk Management. • Develop and enforce security policies and procedures to maintain FedRAMP and CMMC compliance within AWS environments. • Collaborate with internal teams to ensure that all cloud deployments adhere to regulatory and compliance requirements. • Prepare, manage, and present evidence for audits, compliance reviews, and certifications. • Security Controls Implementation. • Design, implement, and monitor security controls to protect AWS resources and sensitive data where needed. • Utilize AWS security best practices to configure and manage encryption, access controls, and network security measures. • Infrastructure Hardening. • Work with DevOps and Operations teams in hardening EC2 servers and other AWS services following industry benchmarks such as CIS. • Collaboration and Training. • Work in close collaboration with DevOps and Operations teams to integrate security practices into the development and deployment processes. • Provide guidance and training to team members on AWS security practices and FedRAMP/CMMC compliance requirements. • Attack Surface Management. • Provide regularly scanning and information gathering on Internet provided services to identify any exposures of sensitive information or vulnerabilities available to potential attackers. • Threat Hunting. • Proactive review of logs, security alerts, and actively scanning and monitoring to discover any potential threat actors or security risks in the AWS environments. • Incident Detection & Response. • Work in collaboration with 3rd party SOC services for security monitoring and reviewing any suspicious activity or incidents raised by SOC teams. • Assist in the containment, response and remediation efforts for any confirmed security incidents within AWS infrastructure. • Escalate security incidents following the company’s Incident Response Plan. • Security Threat Research. • Leverage industry resources to stay current on evolving threats and security risks related to AWS public cloud services.

Requirements

• Certifications: A WS Security Specialist certification • Education: Bachelor's degree in IT, or equivalent experience in a related field. • Experience: Minimum of 3-5 years of experience in a cloud security role • Skills: Proficiency with security tools such as Tenable Nessus and technologies related to AWS cloud environments. • Strong problem-solving skills and the ability to respond effectively to security incidents. • Excellent communication skills with the ability to convey complex security concepts to both technical and non-technical stakeholders. • Preferred Requirements: Other relevant security certifications (e.g., CISSP, CISM, CISA) are a plus. • Experience and strong understanding of NIST 800-53 security standards • Experience with AWS CLI, Terraform or other DevOps tools

Apply Now
Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or lior@remoterocketship.com