The Leader in Cloud-Based Field Service and Fleet Management Solutions for Companies With a Mobile Workforce.
Cloud Security Engineer
Location
United States
Posted
75 days ago
Salary
$120K - $145K / year
Seniority
Senior
Job Description
Cloud Security Engineer
WorkWave
• Cloud Governance & Guardrails: Lead the deployment and optimization of AWS Control Tower, Security Hub, and AWS WAF to establish a secure multi-account strategy. • Cloud Security Platform Ownership: Own cloud security outcomes across AWS (primary), Azure (secondary), and limited GCP, including secure landing zone standards, guardrails-as-code, detection coverage, and remediation automation. • Secure-by-Default Engineering: Design and implement reusable, secure-by-default cloud patterns that allow engineering teams to deploy safely without constant security intervention. Establish hardened Terraform modules, reference architectures, and baseline configurations so the secure path becomes the easiest path for teams building in AWS. • Container Security: Collaborate with the AppSec Architect to secure EKS and ECS environments, focusing on runtime protection, image scanning, and least-privilege orchestration. • Security Assessment & Roadmap: Perform a comprehensive baseline assessment of the current cloud environment to identify gaps and provide actionable, prioritized recommendations. • Identity & Access Management: Lead design and enforcement of least-privilege IAM architecture across AWS accounts and workloads. • Operational Excellence: Develop and maintain secure configuration standards, documentation, and operational procedures that enable engineering teams to consistently deploy and operate cloud services securely. • Detection & Telemetry Ownership: Partner with security operations to ensure security telemetry from AWS environments is complete, centralized, and actionable (CloudTrail, GuardDuty, VPC Flow logs, etc.). • Cloud Security & Compliance Alignment: Ensure cloud configurations and controls align with internal security standards and external compliance requirements (ISO 27001, SOC 2, etc.). Partner with Security and GRC teams to implement audit-ready controls, automate evidence collection where possible, and maintain clear documentation of cloud security control coverage. • Third-Party Integration: Manage secure access and configuration for security vendor tools (vulnerability scanners, assessment platforms, etc.) within the cloud environment. • Incident Response: Participate in an on-call rotation for one week at a time and serve as primary SME for cloud security incidents (IAM compromise, exposed keys, misconfigurations, etc.). • Vulnerability & Exposure Management: Build and run the cloud vulnerability management program for AWS and Azure workloads, container images, and base AMIs. Define severity-based SLAs, implement scalable scanning and patch workflows (e.g., AWS Inspector, ECR scanning, hardened base images), and partner with Engineering to reduce exploitable exposure. • Cloud Security Tooling Ownership: Own onboarding, coverage validation, and tuning of CSPM and MDR integrations across AWS, Azure and GCP. Drive measurable improvement in signal quality, alert fidelity, and remediation workflows through automation and engineering partnerships. • Secrets, Keys, and Credential Hygiene: Design and enforce secure secrets management patterns (AWS Secrets Manager/Parameter Store/Vault), automated rotation, and least-privilege secret access. Own KMS key strategy and governance (key policies, grants, rotation, separation of duties) and ensure no long-lived credentials in CI/CD. • CI/CD and Supply Chain Security: Secure the software delivery pipeline end-to-end, including identity federation for CI/CD, policy-as-code enforcement for Terraform and Kubernetes, artifact integrity controls (signing/provenance), and secure dependency/source controls. Ensure security guardrails are automated and developer-friendly. • Cloud Incident Readiness & Exercises: Build cloud-native incident playbooks (IAM compromise, crypto-mining, data exposure, suspicious network activity) and run periodic tabletop exercises. Ensure forensics readiness through log retention standards, immutable/auditable logging where appropriate, snapshot/containment procedures, and break-glass access controls. • Multi-Cloud & Hybrid Baselines: Establish minimum viable security baselines for Azure and GCP (identity, logging, storage, network, key management) and ensure telemetry parity into centralized detection. Partner with operation teams to secure hybrid connectivity with data center environments (segmentation, identity boundaries, secure administrative access). • Security Metrics & Continuous Improvement: Define and report on key cloud security metrics (coverage, misconfiguration trends, MTTR, control adoption, vulnerability SLAs). Use metrics to prioritize work, demonstrate risk reduction, and drive engineering alignment. • Leadership and Execution: Mentor other engineers and raise baseline security literacy in platform/DevOps teams through patterns, reviews, and internal enablement.
Job Requirements
- 5–8+ years of experience in Information Security, with at least 3+ years focused specifically on AWS Cloud Security.
- AWS Deep Dive: Deep hands-on experience designing and securing AWS environments, core services (IAM, VPC, S3, KMS) and security-specific services (GuardDuty, Inspector, Config).
- IaC Proficiency: Strong hands-on experience with Terraform for managing cloud infrastructure.
- Containerization: Proven experience securing containerized workloads in EKS or ECS.
- Azure Knowledge: Willingness to provide basic security support/maintenance for an existing Azure environment (Deep expertise not required; AWS is the priority).
- Consultative Mindset: Ability to assess a complex environment and provide a "roadmap to green" rather than just identifying problems.
- Collaborative Partnership: Ability to work side-by-side with engineers, speaking their language and helping them solve problems rather than just "blocking" tickets.
- Strategic Documentation: Capability to translate technical configurations into clear, repeatable processes and procedures.
- Automation First: A drive to automate manual security tasks to increase efficiency and reduce human error.
- Education/Certifications: Bachelor’s degree in Computer Science, Information Security, or a related field or equivalent work experience.
- Industry certifications such as Azure security certification, AWS Certified Security – Specialty or related are highly desirable.
Benefits
- Employees can expect a robust benefits package, including health and dental and 401k with company match
- Find your perfect work/life balance with our Flexible Time Off policy or generous PTO plan (role dependent) and paid holidays
- Up to 4 weeks paid bonding leave
- Tuition reimbursement
- Robust Employee Assistance Program through TotalCare offering free counseling 24/7/365, plus financial counseling, legal guidance, adoption assistance services and much more!
- 24/7 access to virtual medical care with Teladoc
- Quarterly awards based on peer nominations
- Regional discounts and perks
- Opportunities to participate in charitable events and give back to the community
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Security Electronics Technician III This position requires an active Department of Treasury clearance or the ability to obtain a Department of Treasury clearance to be considered. ***Position is Remote, must be local to the Dallas/Fort Worth, TX area*** We are seeking an experienced Electronic Tech with mandatory experience in Video Surveillance Systems (VSS), Access Control Systems (ACS) and Intrusion Detection Systems (IDS) systems to work closely with other members of the company's service team, engineering team, and directly with clients to, install, maintain, and/or repair integrated electronic security systems. Compensation & Benefits: Estimated Starting Salary Range for Security Electronics Technician III: $33.00 to $35.00 per hour. Pay commensurate with experience. Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided. Benefits are subject to change with or without notice. Security Electronics Technician III Responsibilities Include: - Planning, procurement, installation, daily on-site maintenance, upgrades, replacements, and preventive maintenance on all systems in addition to annual IDS testing. - Inventory capture of all electronic security equipment and updating as equipment is added, upgraded, or removed. - Providing technical assistance to other team members as well as acting as the technical expert to the customer to solve problems or provide general guidance. - Electrical troubleshooting, device testing, installation of electronic components, surveillance camera installation and experience with software monitoring systems. - Follow or refer to layout sheets, building plans, floor plans, circuit schematics and descriptions, and manufacturer’s technical guidance. - Documenting, scheduling, and closing work orders with detailed description of work completed. - Occasional overtime required. - Work orders will be created based on customer requests via email, phone, or text. Work orders and annual testing reports will be completed and then sent to the customer and PM weekly. All documentation shall be provided to the PM for each month’s activity by the 1st of the following month. Expense reports will be completed on a weekly basis as needed. - Performs other job-related duties as assigned. Security Electronics Technician III Experience, Education, Skills, Abilities requested: - Approximately 3+ years of experience in government or commercial installations and locations preferred. Other skills described throughout this document. - Demonstrated experience and training in the basics of circuitry and electronics, basic wiring connections, fiber optic cabling and connections, Video Surveillance (VSS), Access Control (ACS), Intrusion Detection (IDS), CAT6 cabling runs and troubleshooting. - Experience in the installation, maintenance, upgrade, and support of a variety of systems such as ACS, IDS and VSS hardware/software. - Demonstrated experience installing a wide variety of equipment including configuration of connections with centralized monitoring systems such as Identiv, Honeywell and Bosch preferred. - Experience and formal training as a low voltage electrician a plus. - Formal training in basics of electronics and circuitry either in technical school or certifications received during training classes from industry vendors. - Must be skilled in the use of test equipment such as: digital multimeters, toner tracer, lineman handset and video test monitor. - Certification as an installer of equipment such as Identiv/Hirsch, Software House, Bosch, Honeywell and Exacq. - Ability to lift or move items up to 25 lbs. - Proficiency in MS Office Suite applications - Must possess a valid driver’s license with an acceptable driving record. - Ability to obtain at least a Department of Treasury clearance. - GED Required. - Mandatory VSS, ACS and IDS experience. - Must pass pre-employment qualifications of Cherokee Federal. Company Information: Cherokee Federal Solutions (CFS) provides support, services, and solutions to federal and commercial customers. The company takes a personalized approach to solving our clients' toughest challenges, helping you make the most of your skills. CFS is part of Cherokee Federal – a team of tribally owned federal contracting companies. For more information, visit cherokee-federal.com. #CherokeeFederal #LI-SM2 #AppC Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply. Similar searchable job titles 5 times: - Senior Security Electronics Technician - Lead Security Electronics Technician - Security Systems Specialist - Advanced Security Electronics Technician - Security Electronics Supervisor Keywords 5 times: - Security Electronics - Technician - Systems Specialist - Supervisor - Advanced Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request. Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.
• ネットワークとシステムのセキュリティ対策を強化するための新しい技術の評価と導入。 • セキュリティ侵害やその他のサイバー脅威に対する対応計画の策定と実行。 • 自社開発のプラットフォーム製品について、仕様策定段階から積極的に関わる。これには、製品のセキュリティ要件の策定、アーキテクチャの設計段階でのセキュリティ考慮事項の組み込み、及びソースコードレベルでのセキュリティレビューが含まれます。 • 毎日のセキュリティ監視、インシデントレスポンス、および問題解決。 • セキュリティオーディット、診断、および脆弱性評価の実施。
• Coordinate and manage multiple projects within the Application Security team to ensure objectives are delivered on time and within budget. • Track initiatives and follow up on tasks to maintain project momentum and progress. • Engage with the wider Application Security team and stakeholders to gather requirements, define scope, and set objectives. • Identify and manage project risks and develop mitigation strategies to minimize impact. • Facilitate communication between team members and stakeholders, fostering a collaborative environment. • Drive decision-making by aligning efforts and ensuring timely resolutions. • Provide clear, concise project status updates and executive-level summaries for diverse audiences. • Ensure adherence to established project management methodologies and best practices.
Information Security Specialist
Gainwell TechnologiesGainwell Technologies is an Equal Opportunity Employer, where all qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), age, sexual orientation, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
• Designs audits of computer systems to ensure they are operating securely and that data is protected from both internal and external attack. • Makes recommendations for preventive measures as necessary. • Assesses assigned system to determine system security status. • Designs and recommends security policies and procedures to implement; ensures compliance to policies and procedures. • Designs training materials for computer security education and awareness programs. • Evaluates highly complex security systems according to industry best practices to safeguard internal information systems and databases. • Defines and reviews security requirements and subsequently reviews complex systems to determine if they have been designed and established to comply with established standards. • Leads investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management. • Responds to more complex queries and requests for computer security information and reports from both internal and external customers. • Provides technical consultation on highly complex tasks; may assist and/or provide limited direction to lower level technical personnel. • Provides product recommendations of security packages to customers; Reviews vendor products and makes recommendations as appropriate. • Conducts cost analyses to determine feasibility of new products for clients.
