Overview
Skills
Job Details
Role Summary
The Security Engineer is responsible for designing, implementing, and operating security
solutions that protect enterprise systems, cloud environments, and data assets. This role
focuses heavily on AWS security operations, incident response, monitoring and
observability, compliance alignment, and automation. The Security Engineer works closely
with engineering, architecture, and business stakeholders to ensure security controls are
aligned with organizational objectives and regulatory requirements.
Mandatory Certifications
AWS Certified SysOps Administrator Certification.
Additional security-focused Certifications (AWS Security Specialty, CKS, CISSP, or GIAC)
Additional Mandatory Qualifications (within the last 10 years)
Three (3) years of experience with AWS security services (GuardDuty, Security Hub,
WAF, Inspector).
Three (3) years of expert-level experience in monitoring and observability tools
(CloudWatch, Prometheus, Grafana).
Five (5) years of experience with incident management and ITIL processes.
Five (5) years of experience aligning business and technical controls with compliance
frameworks (HIPAA, PCI-DSS, SOC 2, NIST).
Five (5) years of experience with log aggregation and SIEM solutions (Elastic).
Seven (7) or more years of experience developing SIEM correlation rules, dashboards,
and threat-detection content.
Five (5) years of experience in automation and scripting (Python, Bash).
Three (3) years of experience with container security and Kubernetes security best
practices.
Seven (7) years of experience developing and implementing technical solutions to
mitigate security vulnerabilities.
Seven (7) or more years of experience aligning IT systems with organizational business
processes, with at least five (5) years in a lead capacity.
Five (5) years of experience supporting multi-account AWS Organizations
environments, including governance guardrails, SCPs, and operational best practices.
Experience leading high-severity security incident management, documentation, and
resolution.
Key Responsibilities Expected in the Role
Security Architecture & Vulnerability Mitigation
• Develop and implement technical security solutions to mitigate vulnerabilities
across cloud and enterprise environments.
• Align security controls with organizational business processes and risk
management objectives.
• Serve in a lead capacity for security initiatives impacting multiple systems or
business domains.
AWS Security Operations
• Support and secure multi-account AWS Organizations environments, including
governance guardrails and Service Control Policies (SCPs).
• Implement and operate AWS security services including GuardDuty, Security Hub,
WAF, and Inspector.
• Support AWS operational security best practices across workloads and platforms.
Monitoring, Observability & SIEM
• Design and operate monitoring and observability solutions using CloudWatch,
Prometheus, and Grafana.
• Implement log aggregation and SIEM solutions using Elastic.
• Develop SIEM correlation rules, dashboards, and threat-detection content to
improve alert quality and reduce false positives.
Incident Management & Response
• Lead and support high-severity security incidents.
• Develop, maintain, and execute incident response runbooks.
• Perform post-incident analysis and reporting.
• Apply ITIL-aligned incident and problem management processes.
Compliance & Risk Alignment
• Align security controls and technical implementations with compliance
frameworks such as HIPAA, PCI-DSS, SOC 2, and NIST.
• Support audit readiness and compliance reporting efforts.
Automation & Container Security
• Develop automation and scripting solutions using Python and Bash to improve
security operations efficiency.
• Implement container and Kubernetes security best practices across environments.
*Or equivalent combination of education, experience, and certifications where
permitted.