Senior AWS Security Engineer

Location

Remote

Employment Type

Full-Time

Role Overview

We are seeking an experienced Senior AWS Security Engineer to join our cybersecurity team and lead the deployment, operation, and continuous improvement of security controls across cloud and enterprise environments.

The ideal candidate will possess strong hands-on expertise in AWS security services, cloud security architecture, security operations, incident response, vulnerability management, and automation. This role requires a proactive security professional capable of identifying risks, implementing effective security controls, and collaborating with both technical and business stakeholders to strengthen the organization's overall security posture.

This position combines operational security engineering, cloud security architecture, incident response, and security automation responsibilities within a fast-growing and highly collaborative environment.

Key Responsibilities

Cloud Security Engineering

• Design, deploy, configure, and maintain AWS security services and controls.
• Implement and manage:
• AWS Control Tower
• AWS Organizations
• IAM Identity Center
• CloudTrail
• GuardDuty
• AWS Systems Manager (SSM)
• AWS WAF
• AWS Shield
• Review and optimize IAM policies, trust policies, and security controls.
• Monitor AWS environments for security threats, vulnerabilities, and compliance issues.
• Implement cloud security best practices and governance frameworks.

Security Operations

• Manage and maintain enterprise security tools and platforms.
• Monitor security events and investigate alerts.
• Support incident detection, response, containment, and recovery activities.
• Manage endpoint security, anti-malware, IDS/IPS, DLP, and security monitoring systems.
• Conduct root cause analysis and remediation activities following security incidents.

Vulnerability & Risk Management

• Conduct vulnerability assessments and remediation tracking.
• Support cyber asset management initiatives.
• Develop and implement risk reduction strategies.
• Participate in phishing simulations and awareness programs.
• Perform third-party and fourth-party security assessments.
• Collaborate with business and technical teams to mitigate identified risks.

Security Architecture & Governance

• Assess system designs and architecture against security requirements.
• Recommend security controls aligned with industry standards and best practices.
• Develop security policies, procedures, standards, and implementation templates.
• Support compliance with security frameworks and regulatory requirements.
• Contribute to security strategy and roadmap planning.

Automation & Continuous Improvement

• Develop automation scripts and workflows to improve security monitoring and operational efficiency.
• Implement automated health checks and monitoring for security platforms.
• Generate metrics, dashboards, and reports on:
• Security posture
• Compliance status
• Tool health
• Risk exposure
• Identify opportunities to enhance security operations through automation.

Vendor & Stakeholder Management

• Manage relationships with MSSPs, vendors, and service providers.
• Monitor vendor SLAs and security performance.
• Collaborate with internal stakeholders to understand business requirements and integration needs.
• Communicate security risks and recommendations to both technical and non-technical audiences.

Required Qualifications

Education

• Bachelor's Degree in Computer Science, Cybersecurity, Information Technology, or related field.
• Equivalent practical experience may be considered.

Experience

• Minimum 3 years of AWS Security Engineering experience.
• Minimum 3 years of experience in cybersecurity operations, incident response, or cloud security.
• Experience implementing and validating technical security controls.
• Hands-on experience managing enterprise security technologies.
• Experience with Linux administration and troubleshooting.
• Experience developing automation scripts using Python.

Technical Requirements

AWS Security

• AWS Control Tower
• AWS Organizations
• IAM Identity Center
• CloudTrail
• GuardDuty
• AWS Systems Manager (SSM)
• AWS WAF
• AWS Shield
• Security Control Policies (SCPs)

Security Operations

• Endpoint Detection & Response (EDR)
• IDS/IPS
• DLP
• SIEM solutions
• Security Monitoring
• Malware Detection & Analysis
• Digital Forensics
• Incident Response

Identity & Access Management

• Active Directory
• SAML
• Single Sign-On (SSO)
• OAuth
• IAM Policies

Infrastructure

• Linux / Unix Administration
• Networking Protocols:
• TCP/IP
• DNS
• HTTP
• SSL/TLS Security

Programming & Automation

• Python (required)
• Experience with Java, Go, C++, or similar languages is a plus.

Preferred Certifications

• AWS Certified Security – Specialty
• CISSP
• GIAC Certifications (SANS)
• CCSP
• Security+
• Relevant cloud security certifications.

Preferred Candidate Profile

The ideal candidate will:

• Be highly self-motivated and proactive.
• Possess strong troubleshooting and analytical skills.
• Have excellent communication and stakeholder management abilities.
• Be comfortable working independently within a lean security team.
• Demonstrate a strong understanding of modern cloud security threats and mitigation strategies.
• View security as a business enabler rather than a blocker.

Key Technologies

AWS: CloudTrail, GuardDuty, Control Tower, IAM Identity Center, WAF, Shield, SSM

Security: EDR, IDS/IPS, DLP, SIEM, Vulnerability Management, Incident Response

Operating Systems: Linux, Unix, Windows

Programming: Python

Networking: TCP/IP, DNS, HTTP, SSL/TLS

<