Sr. Enterprise Security Engineering Lead - Cloud Security (W2 POSITION, NEED )

Job Title:- Sr. Enterprise Security Engineering Lead - Cloud Security - -

Location:- Remote -

Employment Type:W2

U.S. Citizenship Status: U.S. Citizen

Duration: 6+ Month Contract to Hire

Years of experience: 10+ overall and 3+ years in a senior or lead capacity

Location: International Plaza #2, 14221 Dallas Pkwy Suite 200, Dallas, TX 75254

Work Week: Mostly remote but need to be able to come onsite as needed-Must be in the DFW area

Position Summary:

The Enterprise Security Engineering Lead Will serve as the primary technical and strategic lead for securing Freeman s AWS cloud environment as part of the company s broader cloud migration. This role will ensure the design and implementation of secure cloud architectures, the migration of workloads from Azure and on-premise environments into AWS, and the development of security controls to support ongoing scalability, resilience, and compliance.

Operating within the IT Security department, this role bridges hands-on technical with strategic oversight defining enterprise guardrails and ensuring security is embedded in every stage of cloud design and deployment.

Key Responsibilities:

Leadership & Strategy:

• Serve as the technical IT Security lead overseeing the buildout of Freeman s AWS tenant, establishing a secure and scalable foundation for enterprise workloads.
• Define the cloud security architecture roadmap in alignment with IT Security s long-term vision, compliance goals, and the company s hybrid cloud strategy.
• Participate in cross-functional collaboration with Infrastructure, Enterprise Architecture, and Compliance teams to ensure all cloud and migration efforts meet security and regulatory requirements.

Cloud Security Architecture & Engineering:

• Design and ensure implementation of AWS security configurations and controls that align with NIST CSF, CIS Benchmarks, and ISO 27001.
• Architect and maintain secure identity and access management (IAM) structures, encryption standards, and network segmentation for AWS workloads.
• Ensure secure migration of workloads and data from Azure and on-premise environments into AWS, ensuring consistent governance and compliance.
• Ensure security automation and Infrastructure-as-Code (Terraform, CloudFormation) guardrails are embedded to enforce baseline configurations and detect drift.
• Collaborate with DevOps to integrate security scanning and validation into CI/CD pipelines.

Governance, Risk, & Compliance:

• Ensure all AWS security configurations align with Freeman s compliance obligations (SOC 2, PCI, NIST CSF).
• Oversee the implementation of AWS-native security services such as GuardDuty, Security Hub, Config, and CloudTrail for continuous visibility and assurance.
• Support internal and external audit readiness by maintaining evidence, documentation, and testing of cloud controls.
• Partner with Risk and GRC teams to translate compliance requirements into actionable technical controls.

Monitoring & Incident Response Integration:

• Work with the SOC team to design and tune detection rules, log pipelines, and automated response playbooks for AWS environments.
• Lead cloud-related incident investigations and coordinate remediation efforts across teams.
• Continuously evaluate new AWS security capabilities and third-party tools to enhance detection, response, and prevention capabilities.

Collaboration & Enablement:

• Partner with Infrastructure and Application teams to embed security early in project design and delivery.
• Develop and maintain enterprise documentation including cloud security standards, architecture diagrams, and operational runbooks.
• Provide technical leadership in design reviews, risk assessments, and vendor evaluations related to cloud security solutions.

Qualifications & Experience:

Required:

• 5+ years of experience in IT Security or Cloud Security roles, with at least 3 years in a senior or lead capacity.
• Proven hands-on experience with AWS architecture, governance, and security controls.
• Demonstrated success migrating or securing hybrid environments spanning Azure and on-premise infrastructure.
• Deep understanding of IAM, encryption, key management, networking, and monitoring within AWS.
• Expertise with Infrastructure-as-Code (Terraform, CloudFormation) and automation scripting (Python, PowerShell, Bash).
• Strong familiarity with NIST CSF, CIS, and ISO 27001 frameworks.

Preferred:

• AWS Certified Security Specialty or AWS Solutions Architect Professional.
• Experience with container and serverless security (EKS, ECS, Lambda).
• Familiarity with Zero Trust network and access models (Zscaler, Cloudflare, Okta).
• Experience leading or contributing to SOC 2, PCI DSS, or ISO 27001 audit readiness efforts.
• Demonstrated ability to lead teams and deliver security solutions in large, distributed enterprises.

Core Competencies:

• Strong collaboration and communication across technical and executive audiences.
• Proactive and analytical mindset with focus on risk reduction and operational efficiency.
• Ability to balance innovation, compliance, and business enablement within a fast-moving transformation initiative.

Call Notes/Updates: 10/31-Manager Notes:

• Must be polished with strong communication skills
• Responsible for standing up AWS tenant (ensuring security around the build), ongoing maintenance, and continuous build efforts
• Primary focus on cloud security within AWS environments
• Drive AWS build-out and migration efforts around security
• Provide long-term oversight and design for cloud security across multiple years
• Partner with infrastructure on the build out and teams building applications, DevOps, AI, integration, and automation solutions
• Ensure security across cloud build-out, governance, risk, and compliance making sure all security processes are implemented correctly
• Serve as the security lead-point man for security (individual contributor, not managing a team)
• Collaborate closely with infrastructure teams to ensure AWS is designed and implemented securely
• Deliver strong security reporting and documentation
• Hands-on with security; able to identify concerns, define appropriate approaches, and ask the right questions to mitigate risks
• Ensure proper security account structures, encryption levels, and access controls are in place
• Confident presenting and participating in meetings with technical and non-technical audiences
• Over time, will support and ensure security within the future DevOps build-out and expansion efforts