Principal AWS Security Engineer -- Direct Client

Remote • Posted 11 hours ago • Updated 4 hours ago
Contract Corp To Corp
Contract Independent
6 Months
No Travel Required
Remote
Depends on Experience
Fitment

Dice Job Match Score™

🫥 Flibbertigibetting...

Job Details

Skills

  • AWS
  • Security Engineering
  • Terraform
  • EKS
  • Policy-as-Code
  • CI/CD Security Patterns

Summary

Job Title: Principal Cloud Security Engineer (AWS)
Location: Remote/Chicago, IL
Duration: 6-12 Months
Client: Direct

Our client is seeking a Principal Cloud Security Engineer to make security an engineering output rather than a review checkpoint. You’ll build the Terraform modules, AWS account patterns, policy-ascode, and CI/CD controls that engineering teams use to ship safely so the security baseline rises through code, not through tickets. This is a software engineering role inside our security team. We want someone whose instinct, when handed a security problem, is to design and ship a durable technical control, not to write a policy document or stand up another tool. Engineers who came up through software, platform, or SRE work and then went deep on security are exactly who we’re looking for.

What you’ll do
• Design AWS multi-account, organization, and guardrail patterns that make the secure path the easy one.
• Build and own a library of Terraform modules and policy-as-code that engineering teams adopt across the company.
• Implement preventive controls, including SCPs, deployment-time policy validation, and drift detection, for high-risk cloud actions, in the code paths where work already happens.
• Build logging integrity and tamper resistance into CloudTrail, telemetry pipelines, and core monitoring; define what good cloud telemetry looks like for downstream detection.
• Partner with Platform and Architecture on identity, networking, EKS, and serverless patterns. Work with Security Operations to turn cloud signals into useful detections.
• Make architecture decisions visible through design docs, pull requests, and reference implementations others can read and copy.

What you bring
• 10+ years across software engineering, platform engineering, SRE, or cloud security, with substantial hands-on AWS work in multi-account environments.
• Production-quality code in at least one of Go, Python, TypeScript, C#, or Java. You think about security problems as software problems.
• Deep Terraform: reusable modules, tested patterns, and an opinion about how IaC should be structured at scale.
• Hands-on experience with policy-as-code, preventive guardrails, and securing EKS and serverless workloads.
• Experience building detective and preventive controls for cloud control planes and logging integrity.
• Comfort working through pull requests and design reviews with engineering teams, not only with security teams.

Nice to have
• SIEM/XDR integration experience; familiarity with Palo Alto or Prisma.
• CI/CD security patterns and developer-enablement work.
• Securing AI/GenAI services, internal copilots, or agentic workflows in cloud environments.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 91124004
  • Position Id: 9018985
  • Posted 11 hours ago
Contact the job poster
SK

Sam Krishna

Recruiter @ ABF, LLC
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote

Today

Easy Apply

Contract

Depends on Experience

Remote or Almont, Colorado

Today

Contract

Remote

15d ago

Easy Apply

Third Party, Contract

Depends on Experience

Remote or Almont, Colorado

Today

Contract

Search all similar jobs