Role: AWS Security Engineer
Location: Remote
Key Responsibilities:
Security & Identity Management:
o Implement and manage AWS Identity and Access Management (IAM) and Permission Boundaries.
o Define fine-grained permissions using IAM roles, policies, and attribute-based access control (ABAC).
o Enforce secure authentication and access control with MFA, IAM Access Analyzer, and AWS Secrets Manager.
Account Governance & Compliance:
o Set up and govern multi-account environments using AWS Organizations, AWS Control Tower, and Service Control Policies (SCPs).
o Leverage AWS Config and AWS Audit Manager to enforce compliance and auditability across accounts.
o Create and manage resource tagging strategies and tag policies.
Monitoring & Threat Detection:
o Deploy and maintain monitoring solutions using AWS CloudTrail, Amazon CloudWatch, AWS Config, and AWS X-Ray.
o Integrate advanced threat detection services such as:
   o Amazon GuardDuty for threat intelligence
   o AWS Inspector for automated vulnerability management
   o AWS Security Hub for centralized security posture management
Infrastructure & Network Security:
o Implement VPC security best practices using Security Groups, Network ACLs, VPC Flow Logs, and Private Endpoints.
o Configure and manage AWS WAF, AWS Shield, and AWS Firewall Manager for application-layer and DDoS protection.
o Utilize AWS Key Management Service (KMS) and CloudHSM for encryption and secure key storage.
Automation & Best Practices:
o Develop and maintain secure Infrastructure as Code (IaC) using AWS CloudFormation, Terraform, and CDK.
o Integrate security into CI/CD pipelines using services like AWS CodePipeline, CodeBuild, and third-party tools.
o Build runbooks and automated remediations using AWS Lambda, EventBridge, and Systems Manager.
Collaboration & Incident Response:
o Partner with DevOps, Engineering, and Compliance teams to integrate security guardrails early in development.
o Support security incident response efforts, perform forensics, and contribute to continuous improvement of incident response playbooks.