Security Engineer (Cloud Security)

Responsibilities

Cloud Security Engineer

You will manage CSPM tool and processes to detect misconfigurations, compliance violations, and security risks across AWS services. Working closely with Infrastructure engineering team, you will design and implement automated remediation workflows, respond to security incidents, and participate in daily on-call rotations.

If you are passionate about cloud security, automation, and proactive risk mitigation, this role offers an excellent opportunity to make a measurable impact.

In this role, y ou will also be responsible to:

• 
  

  Continuously monitor AWS cloud environments using CSPM tools to identify misconfigurations, vulnerabilities, and compliance gaps.



• 
  

  Develop, implement, and maintain automated remediation and alerting workflows to quickly address security risks.



• 
  

  Collaborate with Infrastructure engineering, DevOps, SRE and security teams to embed security best practices in cloud architecture and deployment pipelines.



• 
  

  Lead incident response efforts for cloud security incidents, conducting root cause analysis and coordinating remediation.



• 
  

  Participate in daily on-call rotations to provide timely response to security alerts and incidents.



• 
  

  Manage and optimize CSPM platform to ensure accurate visibility and reporting of cloud security posture.



• 
  

  Conduct risk assessments and compliance checks against standards such as CIS AWS Foundations, AWS we'll-Architected Framework, SOC 2, ISO 27001, and GDPR.



• 
  

  Create detailed documentation, dashboards, and reports to communicate cloud security posture and risks to stakeholders and management.



• 
  

  Stay updated on the latest AWS security features, threats, and best practices to continuously enhance cloud security posture.

Requirements

Qualifications / Experience / Technical Skills

• 
  

  3 to 6 years of experience in cloud security, with a focus on AWS environments and CSPM tools.



• 
  

  Strong knowledge of AWS services, security controls, and shared responsibility model.



• 
  

  Proven experience with CSPM platforms such as Wiz, Prisma Cloud, Dome9, Lacework, or AWS Security Hub.



• 
  

  Expertise in identifying and remediating cloud misconfigurations and vulnerabilities.



• 
  

  Experience developing security automation using scripting languages (Python, PowerShell) or cloud-native tools (AWS Lambda, CloudFormation).



• 
  

  Hands-on experience in incident response and participation in on-call rotations.



• 
  

  Familiarity with compliance frameworks like CIS benchmarks, SOC 2, ISO 27001, and GDPR.



• 
  

  Strong understanding of Infrastructure as Code (IaC) concepts and experience writing IaC templates using tools like Terraform, CloudFormation, or Ansible.



• 
  

  Experience integrating IaC security scanning tools (e. g. , Checkov, tfsec, Terrascan) into CI/CD pipelines to automate detection of misconfigurations and enforce security compliance.



• 
  

  Ability to write and maintain IaC security policies to enforce organizational security standards, including defining, testing, and updating policies for continuous compliance.



• 
  

  Relevant certifications such as AWS Certified Security Specialty, Certified Cloud Security Professional (CCSP), or equivalent.



• 
  

  Strong collaboration and communication skills to work effectively across teams.



• 
  

  Willingness to travel occasionally as required.

Soft Skills / Personal Characteristics

• 
  

  Strong problem-solving and analytical skills with an automation-first mindset.



• 
  

  Excellent communication and collaboration skills to work across teams.



• 
  

  Ability to work independently and manage multiple tasks effectively in a fast-paced environment

(REQ ID: 2337)