Infrastructure

Cloud Security Engineer

RedStream Technology

Cloud Security Engineer Waltham, MA

Cloud Security Engineer

– Contract role, Waltham, MA

RedStream Technology is recruiting for an experienced Cloud Security Engineer.  This project is to work on a Global, large scale AWS implementation, insuring the security is first in class and while meeting the business, application and compliance requirements.

Experience:

  • Three or more years of experience as hands-on security engineer in a large scale regulated enterprise customer environment or professional services consulting engagement(s) of a similar scope
  • Proven track record as a key contributor to multi-account/inter-region AWS solutions with focus on compliance and security best practices including design and implementation of security controls mapped to industry standards and regulatory frameworks (e.g. NIST 800-53, AWS Foundational, CIS, PCI DSS, etc)
  • Experience with identification of layered security and compliance controls (directive, detective, preventative and corrective) and their applicability to a variety of AWS services guided by customer’s requirements
  • Mastery of AWS native services, tools and features such as IAM, Organizations/SCPs, KMS, Control Tower, Config, Security Hub, Guard Duty, CloudTrail, Secrets Manager as instruments for centralized, scalable and provable cloud security
  • In-depth understanding and practical knowledge of resource-level controls to enforce strong boundary protection and ensure confidentiality as well as data loss prevention via distributed policy (e.g. bucket, endpoint, key, etc) and configuration (e.g. data at rest / in transit encryption, SSL termination, etc)
  • Fluency in at least one scripting language (Python and Bash preferred) and ability to build fully automated custom checks to evaluate cloud environment’s components detecting misconfigurations as well as remediation actions using Lambda and Event Bridge
  • Hands on experience and ability to express the desired state via declarative IaC tools such as CFN or TF as well as imperative (CDK, Troposphere) and familiarity with the associated DevOps practices aimed at producing repeatable and fully automated solutions
  • Familiarity with 3rd party security operations and posture management products (e.g. Splunk, Checkpoint Dome9, Palo Alto Prisma Cloud, Rapid7 DivvyCloud, etc) and open source tools
  • Excellent communication skills including the ability to communicate to internal Risk and InfoSec organizations as well as willingness to transfer knowledge to customer’s engineering teams
  • AWS Security Specialty and/or Architect Pro Certifications
  • Recognized Information Security Industry Certifications

Tagged as: Cloud Security Engineer