Remote || Cloud Security Engineer

Overview

Remote
Depends on Experience
Contract - Independent
Contract - W2

Skills

Amazon Web Services
Cloud Security
Cloud Computing
SCA
SCP
Software Security
Terraform
GitHub

Job Details

Position: - Cloud Security Engineer
Location: - Remote
Type: - Contract to Hire
Job Description
Job Responsibilities:
  • Evaluate and integrate security tools (e.g., SCA, SAST, secrets scanning, CSPM, SSPM) through proof-of-concept (PoC) testing and hands-on validation.
  • Engage with client stakeholders to provide expert guidance on cloud and application security best practices.
  • Define and enforce OPA policies to block insecure Terraform deployments in the CI/CD process.
  • Build and maintain dashboards within security tooling to highlight cloud security risks and sensitive data exposure.
  • Interpret and communicate findings from security reports to both technical and non-technical stakeholders to highlight business impact and drive remediation.
Skills and Experience Required:
Required
  • Strong hands-on experience with AWS cloud platform
  • Strong hands-on experience with Terraform for IaC.
  • Strong hands-on experience with GitHub Actions for CI/CD automation
  • Demonstrated understanding of key security domains: SCA, SAST, CSPM, SSPM, Secret Scanning
  • Ability to clearly articulate the purpose and use cases for these security tools to both technical teams and client stakeholders.
  • Remediate cloud misconfigurations by collaborating with service owners and modifying IaC definitions.
  • Evaluate and integrate security tools (SCA, SAST, secrets scanning, SSPM) through PoCs and hands-on testing.
  • Develop GitHub Actions and workflow templates to automate security scans for projects written in multiple programming languages.
  • Identify accountable teams for legacy or orphaned cloud resources and ensure remediation paths are clearly owned.
Desired:
  • Experience with Kubernetes and Argo CD
  • Familiarity with security and policy enforcement tools such as: OPA, AWS Config / SCP, TruffleHog, Endor Labs, Scalr, Cyera, Noname Security (now Akamai)
  • Prior experience building security dashboards or integrating security reporting into engineering workflows.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.