Cloud Engineer Senior Advisor

Cloud Engineer Senior Advisor


Role Summary

This role is a hands-on cloud and application security engineering position focused on modernizing and operating AWS WAF, API security, and application security posture at scale. The work emphasizes automation, policy as code, AI-assisted analysis, and operational execution, with minimal emphasis on leadership or executive engagement.

The contractor will design, build, tune, and operate AWS WAF and API security capabilities, migrate WAF policy management to GitHub based CI/CD, enhance visibility through AWS Security Lake, and automate remediation workflows to reduce manual effort and improve detection fidelity.

Primary Responsibilities

• Implement, operate, and tune AWS WAF, Firewall Manager, Shield Advanced, and related AWS security services.
• Migrate and maintain AWS WAF policies as code using GitHub SaaS, including CI/CD workflows, versioning, testing, and rollback.
• Build automation (Terraform, Python) to deploy, manage, and validate WAF and application security controls at scale.
• Integrate WAF, API, and application security telemetry into AWS Security Lake to support detection, investigation, and analytics.
• Apply AI-assisted techniques to reduce WAF false positives, improve rule tuning and coverage, and accelerate threat detection and log analysis.
• Develop automation and scripts to produce actionable outputs from the API Ownership Framework, improving visibility and accountability.
• Evaluate and enhance application security posture management (ASPM) and API ownership across cloud-native applications.
• Define and implement Noname remediation requirements, ensuring API posture findings are prioritized, actionable, and consumable by engineering teams.
• Support day-to-day operations of cloud and application security tooling, including troubleshooting, optimization, and routine automation.
• Partner directly with application and platform engineers to integrate WAF, API, and application security controls into CI/CD pipelines.

Required Skills & Experience

• Strong hands-on experience with AWS WAF operations and tuning.
• Practical experience with policy as code and GitHub based CI/CD pipelines.
• Experience integrating security logs and findings into AWS Security Lake or similar platforms.
• Hands-on experience with API security platforms (e.g., Noname or equivalent).
• Strong automation skills using Terraform and Python.
• Experience with application security posture management and cloud-native architectures (containers, serverless, microservices).
• Ability to translate security findings into clear, actionable remediation guidance.

Experience & Education

• Bachelor’s degree in Computer Science or related field (or equivalent experience).
• 8–12 years of hands-on security engineering experience, primarily in cloud, application, or API security.
• AWS Security Specialty, GIAC Cloud Security Automation (GCSA) and/or CCSP preferred.

Since 1995, iTech Solutions Inc., has been providing IT Consulting and Direct Hire Services to the Insurance, Financial, Communications, Manufacturing and Government sectors with local offices in Connecticut, Minnesota, Colorado, Massachusetts, Tennessee, North Carolina, and New Jersey / Pennsylvania area.

Our recruiting strategy is simple, if you want to find qualified IT professionals then use IT professionals to find them. So at iTech Solutions, our personnel are all career IT professionals with a wide range of IT experience. We can honestly say our staff understands the technologies, the complexities of finding and selecting the appropriate personnel and the pressures of running successful IT projects.

Employer will not sponsor applicants for any employment visas, at hiring or in the future, including but not limited to H-1B visas. Corp-to-Corp or subcontract personnel will not be considered for this position.

iTech Solutions, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans, or individuals with disabilities.