AWS Security Cloud Engineer (ONSITE)
Job description
We are looking for a hands-on Cloud Engineer to build and operate the cloud foundation for our connected product platform. This role will support customer identity, mobile app APIs, product telemetry, secure command relay, device registry, diagnostics, logging, OTA readiness, and future AI/resource intelligence capabilities.
This is an onsite role based in Irvine, California.
Role Summary
This person must be technically hands-on, but also capable of independently managing small technical initiatives from requirements through delivery. The role requires working closely with mobile app developers, hardware engineers, international engineering teams, vendors, cybersecurity advisors, and business stakeholders. This is not a narrow DevOps role. The right candidate must be a practical cloud engineer who can build, document, coordinate, follow up, and drive execution across teams.
Responsibilities
Cloud Platform Development
- Design and build AWS architecture for connected product telemetry, command relay, APIs, logging, diagnostics, and device registry.
- Build secure backend services for mobile app and HMI integration.
- Support MQTT and/or HTTPS communication between connected products and cloud services.
- Create scalable data models for products, devices, customers, owners, VIN/unit records, warranty, and support linkage.
- Build development, test, and production-ready cloud environments.
- Document architecture clearly for executives, vendors, and future engineers.
IAM and Access Control
- Integrate customer identity and access management platforms such as Descope, Auth0, AWS Cognito, Okta, or similar tools.
- Support user roles such as owner, admin, technician, internal operator, and test user.
- Implement role-based access control for mobile app and cloud APIs.
- Enforce MFA for privileged access.
- Design secure customer-to-product ownership and permission mapping.
- Support future guest access, service access, and dealer/service partner access models.
Mobile App Backend Support
- Build backend APIs for login, product dashboard, system status, selected controls, diagnostics, and support workflows.
- Provide test endpoints and sample data for mobile app developers.
- Work with UI/UX and mobile app vendors to define API contracts.
- Support integration between mobile app, cloud, IAM, and connected product systems.
- Maintain API documentation and integration guides.
Device Registry and Product Data Model
- Define registry structure for product ID, VIN/serial number, cloud device ID, owner, warranty status, service status, and support relationship.
- Support future linkage to CRM, customer support, dealer operations, and warranty workflows.
- Build APIs or data export structures for future business system integration.
- Maintain accurate records for development units, test units, and future production units.
Security and Cloud Operations
- Implement least-privilege IAM policies.
- Secure API endpoints and command paths.
- Build logging, monitoring, alerting, and audit trails.
- Support secrets management and environment separation.
- Define cloud-to-product network security requirements.
- Support vendor security reviews and basic incident response planning.
- Ensure customer and product data is handled securely.
- Maintain secure development and deployment practices.
Pay: $150,000.00 - $180,000.00 per year
Requirements
Do you have experience in scalability? We are looking for somewhat of a generalist who knows AWS, IoT, ISO security protocols (ISO 24241 is preferred), database security (not customer-facing security), and mobile security.