Currently, we are looking for: Principal AWS Cloud Security and Compliance Engineer.
Location: Remote.
Responsibilities:
Security Architecture & Design: Lead the design and implementation of secure AWS architectures, ensuring compliance with security frameworks and industry best practices.
Governance & Compliance: Develop, enforce, and monitor compliance with SOC 2, ISO 27001, NIST, CIS, FedRAMP, PCI-DSS, HIPAA, and other security standards.
Cloud Security Operations: Implement and manage AWS security services such as AWS IAM, AWS KMS, AWS GuardDuty, AWS Security Hub, AWS Macie, AWS Config, AWS WAF, and AWS Shield.
Threat Detection & Incident Response: Develop SIEM integrations, monitor security logs, investigate incidents, and lead incident response efforts to mitigate threats.
Automation & Infrastructure Security: Implement Infrastructure as Code (IaC) security policies using Terraform, AWS CloudFormation, or AWS CDK. Automate security monitoring and compliance reporting.
Identity & Access Management (IAM): Define and enforce least privilege access controls, manage AWS Organizations and Service Control Policies (SCPs).
DevSecOps & CI/CD Security: Embed security into the CI/CD pipeline, ensuring secure deployment practices across cloud workloads.
Security Risk Assessments: Perform cloud security risk assessments, threat modeling, and penetration testing to identify and mitigate vulnerabilities.
Security Awareness & Training: Mentor engineering teams on secure coding, cloud security best practices, and AWS security controls.
Stakeholder Collaboration: Work with engineering, compliance, and business teams to align security strategies with organizational goals.
Expected requirements:
10-12 years of hands-on experience in cybersecurity, cloud security, and compliance, with at least 5 years in AWS security.
Expert-level knowledge of AWS security services, architecture, and best practices.
Deep understanding of compliance frameworks (e.g., SOC 2, ISO 27001, NIST, FedRAMP, PCI-DSS, HIPAA).
Experience with AWS IAM, VPC security, AWS WAF, KMS, CloudTrail, Config, Security Hub, Macie, and GuardDuty.
Proficiency in SIEM solutions, security automation, and cloud-native security tools.
Hands-on experience with IaC security (Terraform, CloudFormation), container security (EKS, ECS), and serverless security.
Strong background in DevSecOps, securing CI/CD pipelines, and integrating security into cloud-native development.
Expertise in identity & access management (IAM), RBAC, MFA, and Zero Trust security models.
Experience with incident response, threat detection, and forensic analysis in AWS.
Proficient in scripting and automation (Python, Bash, or PowerShell).
Strong communication skills with the ability to influence technical and non-technical stakeholders.
Communicative knowledge of English (min. B2).
Offered:
Long-term cooperation.
Benefit package - Multisport, private medical care, life insurance.
Training budget.
Free English lessons.
Individual support from a dedicated company supervisor.
Benefits:
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses