AWS Security Developer

Title: AWS Security Developer

Location: Remote

Description:

The AWS Security Manager is responsible for ensuring the security, compliance and protection of our cloud-based infrastructure. The ideal candidate will have hands-on experience with AWS security services, cloud risk assessments, incident response and continuous security monitoring. This role partners with Cloud Engineering, DevOps and Application teams to maintain a secure and resilient cloud environment. The manager partners with Security, Cloud Engineering, DevOps, GRC, Audit and Application teams to embed security into all stages of the cloud lifecycle.

Responsibilities:

• Lead and mentor a team of security engineers focused on AWS hardening, Terraform automation, CI/CD security and cloud monitoring and incident response
• Establish enterprise-wide AWS security standards and policies
• Oversee Identify and Access Management (IAM) strategy
• Strong proficiency with Terraform, including writing reusable modules and automated deployments through CI/CD
• Experience with AWS Lambda development and serverless architecture, with the ability to guide engineers, review code, enforce best practices and ensure secure scalable deployments
• Manage deployment and configurations of AWS native security tools: AWS Security Hub, Guard Duty, Config and Config rules, KMS encryption keys, VPC Security (NACLs, subnets)
• Strong understanding of IAM Roles/Policies and Identity Federation, Encryption, KMS, secrets management
• Work with DevOps teams to implement security best practices into CI/CD pipelines and infrastructure as code
• Enforce controls for logging, encryption, network segmentation, patching, vulnerability management
• Drive security automation for drift detection, patching, vulnerability remediation and compliance reporting
• Oversee detection and response to security events in AWS
• Manage threat investigations, root cause analysis remediation plans
• Build and maintain runbooks, tabletop exercises and escalation paths
• Implement and improve AWS security controls, guardrails and baseline configurations
• Continuously evaluate AWS environments for cost-effective security improvements
• Conduct threat modeling, vulnerability analysis and remediation coordination
• Maintain AWS risk register, security assessments and internal controls
• Ensure readiness for audits, SA&A, NIST, FISMA and FedRAMP
• Manage evidence gathering, control testing and gap remediation. Work with external auditors and internal stakeholders during audit cycles
• Conduct regular configuration reviews, vulnerability scans and compliance checks
• Approve and reject new AWS architecture from a security standpoint
• Partner with DevOps, engineering, development teams. Train teams on secure cloud practices.
• Report risks, KPIs and metrics to senior leadership
• Participate in on-call rotations to support 24/7 production systems and respond to incidents as they arise

Required Qualifications:

• 6+ years of experience in cloud security or cybersecurity
• Strong experience managing or leading teams
• Python or Bash scripting for automation
• Understanding of AWS security controls, specific to identity, logging and encryption
• Expert knowledge of AWS IAM, AWS KMS & encryption, AWS security services, CloudTrail/ CloudWatch
• Advanced hands-on experience writing and reviewing Terraform modules
• Experience writing and operating AWS Lambda functions
• Perform IAM policy and permissions audits to enforce least privilege
• Ability to read and interpret access logs, cloud account configurations and IAM policies
• Experience building and securing large multi-account AWS environments

Preferred Qualifications:

• Cloud certification (AWS Cloud Practitioner, Security Specialty)
• Security compliance or audit certification
• Experience with container security (EKS/ECS)