Secret Cloud Security Engineer - AWS
Role details
Job location
Tech stack
Job description
-
Ensure AWS environments are securely configured and aligned with industry best practices.
-
Validate compliance with STIGs and CIS benchmarks across cloud infrastructure.
-
Monitor and assess environments to maintain alignment with NIST 800-53 security controls.
-
Identify security gaps and create/manage tickets for remediation efforts.
-
Schedule and lead meetings with stakeholders to review findings, vulnerabilities, and configurations.
-
Collaborate with DevOps, IT, and Compliance teams to support secure cloud operations.
-
Automate security workflows using cloud-native tools and scripting (Python, Terraform, CloudFormation).
-
Maintain documentation for security policies, procedures, and configurations.
-
Stay current with AWS security developments, compliance standards, and emerging threats.
Requirements
-
Strong hands-on experience with AWS security services including IAM, KMS, CloudTrail, GuardDuty, Security Hub, and WAF.
-
Deep understanding of secure cloud architecture and AWS infrastructure design.
-
Proficiency in network security concepts including VPCs, security groups, NACLs, VPNs, and firewalls.
-
Experience with compliance frameworks such as STIGs, CIS benchmarks, and NIST 800-53.
-
Scripting and automation experience using tools such as Python, Terraform, or CloudFormation.
-
Experience with security tools such as Wiz, Tenable, or similar platforms.
-
Familiarity with SIEM tools for query creation and alerting (preferred).
-
Strong problem-solving, communication, and stakeholder engagement skills.
-
Relevant certifications such as AWS Certified Security - Specialty or CISSP preferred.
-
Must have or be able to obtain Secret Clearance
Benefits & conditions
-
Salary range: $100,000 - $135,000
-
Comprehensive benefits package including medical, dental, vision, and 401(k)
-
Hybrid work environment (2 days onsite per week)