AWS Cloud Security Engineer

Guidehouse Inc.
McLean, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

McLean, United States of America

Tech stack

Amazon Web Services (AWS)
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Software System Penetration Testing
Bash
Cloud Computing Security
Computer Security
Continuous Integration
DevOps
Github
Identity and Access Management
Intrusion Detection and Prevention
Information Systems Security Architecture Professional
Python
Key Management
Datadog
Data Logging
Delivery Pipeline
Kubernetes Helm Charts
Infrastructure as Code (IaC)
Cloudformation
Amazon Web Services (AWS)
Information Technology
Deployment Automation
Sentry
Route53
Functional Programming
CIS Benchmarks
Terraform
Vulnerability Analysis

Job description

  • We are seeking an experienced AWS Security engineer to design, implement and maintain security controls across AWS cloud environments.
  • This role will focus on safeguarding cloud workloads, ensuring compliance with industry standards, and driving best practices in identity management, monitoring, and threat detection.
  • The ideal candidate is hands-on with AWS security services, has deep knowledge of cloud security frameworks, and can partner with engineering and operations teams to embed security into every layer of the infrastructure.
  • Design and implement secure architectures within AWS using services such as IAM, KMS, CloudTrail, Config, and third-party tools/services like Sentry, Datadog etc.
  • Implement and manage centralized logging, monitoring, and alerting solutions. Conduct threat modeling, vulnerability scanning, and penetration testing.
  • Ensure AWS environments comply with security frameworks (CIS Benchmarks, NIST, HIPAA, FedRAMP, SOC 2 etc.) as applicable.
  • Support incident detection, investigation and response within AWS workloads. Maintain and monitor audit trails across accounts and services. Work with compliance and risk teams to align security with regulatory requirements.
  • Automate security controls and compliance checks with Infrastructure as Code (IaC) (Terraform, CloudFormation etc.).
  • Integrate security into CI/CD pipelines, enabling secure build and deployment processes. Collaborate with DevOps/Engineering teams to implement "shift-left" security practices.

Requirements

  • US Citizenship or Green Card is required

  • Must be able to OBTAIN and MAINTAIN a Federal or DoD "PUBLIC TRUST"; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred.

  • Bachelor's degree in computer science, cyber security, engineering or related field. Additional Four (4) expedience can be used in lieu of degree.

  • Minimum EIGHT (8) years of prior relevant experience in cloud security or cybersecurity roles, with Minimum FIVE (5) years focused on AWS security.

  • Expertise in AWS core services (EC2, S3, RDS, Lambda, ECS/EKS, CloudFront, Route 53, IAM, etc.)

  • Assist senior transition team in account handoff validation, CI/CD pipeline validation, GitHub Actions audit, CodeBuild job review, Argo sync check, artifact migration, secrets verification, deployment dry runs, rollback prep, cutover support.

  • Monitor deployment pipeline and build status, build troubleshooting, deployment automation, Helm chart maintenance, Dockerfile updates, environment config management, release coordination, developer support.

  • Ownership of services like GitHub Actions, AWS CodeBuild, ArgoCD, Helm charts, Dockerfiles, secrets management, environment variables, deployment workflows, Terraform templates.

  • Proven ability to work autonomously and collaborate, mentor, help, and support other team members, as needed to solve complex operational and reliability problems.

  • Strong development background in Python, Bash or similar

  • AWS Certified Security - Specialty (Highly desirable).

  • AWS Certified Solutions Architect or DevOps Engineer certifications.

  • CISSP, CISM or GIAC certifications.

Benefits & conditions

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

  • Medical, Rx, Dental & Vision Insurance
  • Personal and Family Sick Time & Company Paid Holidays
  • Parental Leave
  • 401(k) Retirement Plan
  • Group Term Life and Travel Assistance
  • Voluntary Life and AD&D Insurance
  • Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
  • Transit and Parking Commuter Benefits
  • Short-Term & Long-Term Disability
  • Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach
  • Care.com annual membership
  • Employee Assistance Program
  • Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
  • Position may be eligible for a discretionary variable incentive bonus

Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

Apply for this position