Lead AWS Cloud Security Engineer

NO SPONSORSHIP - NO OPT

Lead Associate Principal, Cloud Security Engineering

SALARY: $190k - $200k plus 15% bonus

LOCATION: CHICAGO

Hybrid 3 days onsite and 2 days remote

LEAD CLOUD SECURITY Engineer - managing day to day cloud security devops activities and testing. AWS identity authentications architectures across cert based OA auth2/OIDC IAM. AD K8s Kerberos cyberark hashicrop vault active directory certificate services ADCS HSM PKIs terraform ansible python groovy bash golang

You will help manage privileged access systems that protect our most critical assets, implement AI-based security capabilities, and help shape our security architecture. This position offers excellent growth opportunities as you'll work with best-in-class technologies while collaborating with cross-functional teams to solve complex security challenges. If you're passionate about cybersecurity and seeking a role where your expertise directly strengthens organizational resilience, this is an ideal next step for your career.

Demonstrate in-depth knowledge of security controls and standards across cloud security, architecture, and security testing Apply expertise in industry frameworks (CIS, NIST CSF, CSA CCM) to design, implement, and validate security controls spanning cloud architecture, identity and access management, data protection, and security testing including vulnerability assessments and penetration testing.

Qualifications:

Seven Years Experience with Security Engineering activities and testing.

Five years of experience with DevOps processes

Five years experience with AWS architecture and services.

Advanced knowledge in identity and authentication architectures across cert-based, OAuth2/OIDC, IAM, AD, k8s, and Kerberos implementations

Advanced knowledge and experience designing secure CI/CD and IaC ecosystems with Terraform, Ansible, and Jenkins at enterprise scale.

Effective oral and written communication, analytical, judgment and collaboration skills.

Ability to effectively communicate in both formal and informal review settings with all levels of management.

Ability to work with local and remote IT staff/management, vendors and consultants.

Ability to work independently and possess strong organizational skills.

Technical Skills:

Proficiency providing operational and engineering support for one or more of the following: CyberArk, HashiCorp Vault, Active Directory Certificate Services (ADCS), HSMs, and Public Key Infrastructure (PKI).

Expertise in DevOps and DevSecOps practices and tooling. Hands-on expertise across CI/CD pipeline development and automation tools such as Jenkins, GitHub Actions, or GitLab CI, leveraging infrastructure-as-code frameworks (Terraform, Ansible) and scripting languages (Python, Groovy, Bash, GoLang) to embed security controls throughout the software development lifecycle.

Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation.