Cloud Security Engineer

Pay: $125,000 - $165,000

Location: Irvine, CA

Fulltime/Onsite

Position Summary:

We are seeking a skilled Cloud Security Engineer with experience in AWS, Kubernetes, and containerized applications to join our engineering team. The ideal candidate will be responsible for planning, implementing, and maintaining the security of our cloud environments and for maintaining compliance with NIST SP 800-171 standards.

Essential Job Functions and Desired Accomplishments

1. Design and implement security architectures for AWS infrastructure, ensuring best practices in cloud security and containerized applications.
2. In compliance with NIST SP 800-171, conduct security risk assessments and vulnerability assessments on cloud resources, applications, and services.
3. Collaborate with Corporate Cybersecurity Lead on developing and maintaining security policies, training, and procedures related to cloud environments.
4. Lead the development of automated monitoring of cloud infrastructure for security incidents using tools such as AWS CloudTrail, CloudWatch, and GuardDuty.
5. Collaborate with cross-functional teams to integrate security into new features/software releases to ensure ongoing compliance.
6. Respond to security incidents, performing root cause analysis and remediation.
7. Provide security guidance and support during architecture reviews and system deployments and maintain cloud security risk register.
8. Stay updated with the latest security trends, threats, and technology solutions related to cloud security.
9. Participate in DevOps sprints by implementing (not just designing) security measures and contribute to routine DevOps sprints (as a lower priority).

Education/Qualifications/Certifications

Required:

1. Bachelor’s degree in Computer Science, Information Technology, or a related field.
2. Proven experience in cloud security engineering, with a strong focus on AWS, Kubernetes, and containerized applications.
3. Experience with cloud security frameworks such as CSA STAR, NIST, or ISO 27001.
4. Proficiency in scripting or programming languages (e.g., Python, Bash) for automation of security tasks.
5. Knowledge of IAM, VPC, security groups, EC2 instances, and other AWS services.
6. Experience with security tools such as AWS Security Hub, WAF, and third-party solutions (e.g., SIEM).
7. Problem-solving skills and the ability to work independently as well as in a team.

Desired:

1. Relevant security certifications (e.g., AWS Certified Security, CISSP, CISM, CKS) are a plus.