Job Title: Application Security Engineer (Cloud / Application Security)
Job Location: Remote (US based)
Length: (C/CTH/DH): Long term/ STRAIGHT contract role but for the right person they would convert them.
Interview Process: 3 rounds
· 1- Manager, Security Engineering & Compliance
· 2- SVP of People
· 3- CPTO (final decision maker)
Team Size / Team Dynamics
Small Development Team. Members will be wearing multiple hats
Education:
Bachelor’s degree required.
Job Overview:
The Application Security Engineer will secure Interos.ai’s AWS cloud environments, containerized workloads, application stack, CI/CD pipelines, and incident response processes. The role is hands-on and highly collaborative with Engineering, Product, DevOps, and Security Operations.
Top 3 Technical Skills:
· AWS Cloud & Application Security
· Docker / Kubernetes Security
· CI/CD Pipeline Security + Terraform (IaC)
Experience That Would Move a Candidate to the Top
· Hands-on ownership of cloud security implementations
· Experience securing containerized environments
· Knowledge of regulated or government cloud standards (FedRAMP, IL5 preferred)
· Relevant security and cloud certifications
Required Tech / Experience
· AWS cloud security architecture and services
· Cloud application security engineering
· Docker and Kubernetes security
· Infrastructure as Code (Terraform)
· CI/CD pipeline security integration
· Identity management, encryption, and access controls
· Incident response and cloud monitoring
Responsibilities:
Cloud Security Strategy:
·Develop and implement comprehensive cloud security strategies aligned with business objectives.
·Assess current security practices, provide recommendations for and implement improvements
AWS (Amazon Web Services) Expertise:
·Oversee AWS architecture and ensure that security settings are optimally configured.
·Demonstrate subject matter expertise on AWS services, emphasizing security best practices.
Containerization and Orchestration:
·Design and implement secure containerization strategies using Docker and orchestration with Kubernetes.
·Ensure the security of containerized applications throughout the development and deployment lifecycle.
Infrastructure as Code (IaC):
·Utilize Terraform to define and provision infrastructure as code, ensuring security controls are embedded in the deployment process.
·Implement automated security checks within the IaC pipeline.
Security Controls Implementation:
·Implement and manage security controls, encryption, and identity management within AWS environments.
·Conduct regular security assessments and audits to identify and mitigate potential risks.
Collaboration and Communication:
·Collaborate with cross-functional teams, including developers, operations, and DevOps, to integrate security seamlessly into the development lifecycle.
·Communicate security requirements and best practices effectively to technical and non-technical stakeholders.
Incident Response and Monitoring:
·Develop and implement incident response plans for cloud environments.
·Establish and maintain effective monitoring and alerting systems for timely detection and response to security incidents.
·Identify gaps in our security posture and prioritize remediation efforts
·Lead and manage security incidents, conducting thorough investigations as needed to identify root causes and facilitate effective remediation as needed
Qualifications:
·5+ years of expertise in AWS, including hands-on experience with AWS security services preferred.
Never miss an opportunity! Create an alert based on the job you applied for.
