Staff AWS Cloud Security Engineer

about 19 hours ago

Foster City, CA, USA

Staff+

H1B Sponsor

Base Salary

$219k - $263k/yr

Responsibilities

Design and implement enterprise-grade AWS security architectures using zero-trust principles.
Develop organization-wide security standards for IAM, VPC configurations, and data protection mechanisms.
Architect multi-account AWS environments with Security Hub, GuardDuty, and AWS Config integrations.
Lead Cloud Security Posture Management (CSPM) initiatives using Infrastructure-as-Code.
Design and support secure network architectures using AWS constructs.
Implement layered defenses with WAF, Firewalls, Security Groups, and Network ACLs.
Establish risk-based vulnerability prioritization frameworks for cloud assets.
Develop automated remediation pipelines using CI/CD tools.
Conduct attack surface analysis through cloud-specific threat modeling.
Mentor a team of Cloud Security Analysts.
Lead cross-functional collaboration with SRE, ProdSec, IT, and Software Engineering teams.
Develop security training programs and cloud security certification paths.
Oversee vendor relationships for cloud security tooling and services.

10+ years of Security Engineering experience in production and/or DevOps environments.
Proficiency with security automation using Python/Go and/or Terraform.
Experience with cloud platform system/network vulnerability scanning tools.
Deep understanding of NIST CSF, MITRE ATT&CK Cloud Matrix, and CIS AWS Benchmarks.
Strong understanding of vulnerability scoring frameworks and business risk decision making.
Experience with hybrid enterprise environments and DevOps tools.
Expert-level AWS security implementation experience.

AWSGoPythonTerraform