Cloud Security Engineer

We are seeking a Cloud Security Engineer who is passionate about building secure, scalable cloud environments and reducing risk through a proactive, data-driven approach. In this role, you will help shape and strengthen cloud security across AWS and Azure environments while supporting compliance with federal and industry regulations.

You will collaborate closely with engineering, infrastructure, and business teams to design, implement, and continuously improve cloud security controls, monitoring, and incident response capabilities., * Analyze cloud security risks, technologies, and requirements to ensure adherence to best practices and regulatory standards

• Partner with cloud engineering teams to define and implement security baselines and guardrails
• Architect and implement security controls for AWS-hosted applications and Azure multi-tenant environments
• Design and maintain secure infrastructure using Infrastructure as Code (Terraform, CloudFormation)
• Strengthen DevSecOps practices by integrating security into CI/CD pipelines (GitHub Actions)
• Lead cloud security monitoring strategy, including metrics, tooling, and reporting
• Develop and maintain cloud security incident response playbooks
• Collaborate cross-functionally to design and optimize cloud security processes and controls
• Support compliance tracking and reporting for external agencies and customers

Incident Response

• Lead cloud security incident investigations and response efforts
• Enhance automated threat detection and response capabilities
• Analyze logs and alerts across cloud environments (CloudTrail, VPC flow logs, firewalls, SIEM tools)
• Participate in Security Incident Response Team activities and vulnerability management efforts
• Serve as an on-call cloud security contact and escalation point
• Provide guidance to IT and business teams on incident response and remediation

Continuous Improvement

• Drive ongoing enhancements to cloud security processes and controls
• Incorporate feedback from stakeholders to improve security effectiveness, The Information Security & Risk Management team provides leadership in protecting the organization's information assets and ensuring compliance with federal and state regulations. The team drives enterprise-wide security strategy, risk management, incident response, and continuous improvement to maintain secure and resilient operations.

• 5+ years of experience in cloud security, cybersecurity, or related field
• Strong experience working in AWS environments, including hands-on use of tools such as GuardDuty, Security Hub, Inspector, Detective, and IAM
• Experience supporting regulatory frameworks such as FedRAMP, FISMA, NIST, HIPAA, ISO, or similar
• Background working in 24x7 operational environments
• Experience with DevSecOps, CI/CD pipelines, and automated security tooling

Technical Skills

• Deep expertise in AWS security architecture and services
• Strong understanding of IAM, Infrastructure as Code, and cloud-native security controls
• Experience with Terraform, GitHub, and CI/CD pipeline security integration
• Knowledge of threat modeling and cloud risk assessments
• Familiarity with MFA, conditional access, and identity risk policies

Certifications (At least one preferred)

• AWS Certified Security - Specialty
• Certified Cloud Security Professional (CCSP)
• CISSP or equivalent cloud/security certification, * Strong analytical and problem-solving skills
• Ability to translate complex security risks into actionable solutions
• Excellent communication skills with both technical and non-technical stakeholders
• High attention to detail and strong organizational skills
• Self-starter who thrives both independently and in a collaborative team environment

Pulled from the full job description

• Tuition reimbursement
• Paid parental leave
• Parental leave
• Health insurance
• 401(k) matching
• Paid time off
• Vision insurance, * Generous 401k plan: 100% match of employee's contribution, up to a maximum of 6% salary, vests immediately.
• Bonus Opportunity: Qualifying employees can earn up to 7% of their salary, based on company performance. (Inquire about eligibility with our recruiter)
• Lots of paid time off: 3 weeks' vacation, 7 sick days, 3 personal days, and 12 paid holidays!
• Competitive benefits include health, dental, vision, disability, life, legal, flexible spending account (FSA) and Health Savings Account (HSA) options.
• 6 weeks fully-paid parental leave
• Tuition reimbursement program to support career goals.
• Corporate giving and matching gifts program.
• Volunteer program: Paid time off to volunteer and company-organized volunteering opportunities.
• A wide variety of personal, professional, and career development programs.
• Comprehensive wellness program offering a variety of resources and activities to help support your well-being in the following areas: career, financial, mental, emotional, physical, social and community.

All offers of employment with FedPoint are conditional upon satisfactory completion of a pre-employment background check.

FedPoint creates and operates digital benefits marketplaces that make it easy for our millions of federal and military customers to understand, select, and use their benefits. A subsidiary of John Hancock Life & Health Insurance Company, FedPoint was founded in 2002 and is headquartered in Portsmouth, NH. To learn more, visit fedpointusa.com. Why Join Us? At FedPoint, our mission is to create and deliver world-class benefits experiences for our customers, clients, and business partners. We offer a dynamic work environment where innovation and collaboration are encouraged. You'll have the opportunity to make a significant impact while honing your skills and advancing your career. In addition to working for a company with great people and an excellent reputation, what's in it for you?