
Cloud Engineer – Infrastructure, Security Requirements
Posted 4 hours ago

Posted 4 hours ago
This is a fully remote position, open to applicants in Brazil.
• The operational specialist will be responsible for aiding, overseeing, and reacting to daily security operations within the AWS public cloud, guaranteeing the implementation, ongoing functionality, and resilience (SRE) of security measures for cloud technologies, products, and services.
• Works in partnership with cloud architects and various internal and contracted technical teams to manage cloud security infrastructure and services in alignment with established standards, requirements, and best practices for resource utilization.
• Administers and sustains daily security controls and tools within the AWS public cloud, ensuring the continuous functionality of resources such as GuardDuty, AWS Security Hub, AWS WAF, Amazon Inspector, AWS Config, and CloudTrail, while maintaining activity logging and compliance with agreed service levels.
• Proactively monitors security events and alerts, executing triage, prioritization, and routing of incidents, along with opening and tracking related tickets.
• Conducts security incident response activities, which include containment, investigation, and recovery, while documenting actions taken and lessons learned.
• Oversees operational vulnerability processes, performing scans, triaging findings, and coordinating remediation efforts with the responsible teams.
• Implements and maintains security baselines and hardening procedures for public cloud resources and on-premises environments, adhering to benchmarks such as CIS and the organization's internal policies.
• Operates AWS identity and access management mechanisms (IAM), facilitating permissions reviews, credential rotations, and enforcing the principle of least privilege.
• Analyzes logs and audit trails to detect anomalies, support investigations, and uphold compliance evidence.
• Assists with patching and security configuration updates, ensuring environments remain current and compliant.
• Collaborates with other technical teams to integrate security tools into infrastructure and DevOps processes, following ITIL, Agile, and DevSecOps methodologies.
• Records operational procedures, documents activities undertaken, and keeps the security operations knowledge base current.
• A Bachelor's degree in Information Technology, or any Bachelor's degree complemented by a postgraduate specialization in Information Technology of at least 360 (three hundred and sixty) hours from an institution recognized by MEC.
• ITIL Foundation Certified v4 or higher, or Agile Certified Practitioner (PMI-ACP), or Agile Scrum Foundation, or Scrum Foundation Professional Certificate (SFPC).
• Possession of two or more certifications in AWS and/or Azure technologies, products, or services. One of the certifications must include: CCSP (Certified Cloud Security Professional) OR Microsoft Certified: Security Operations Analyst Associate OR AWS Certified Security – Specialty.
• A minimum of 2 years of project management experience in public cloud IT infrastructure environments relevant to the technical aspects of the role.
• Practical experience in the operation and support of AWS public cloud security (SecOps), encompassing monitoring, incident response, and daily vulnerability management.
• Hands-on experience with native AWS security services such as GuardDuty, AWS Security Hub, Amazon Inspector, AWS Config, CloudTrail, Amazon Detective, and Amazon Macie.
• Familiarity with SIEM, EDR/XDR, WAF, IDS/IPS, Patch Management, hardening, and identity and access management.
• Practical experience in applying daily security frameworks, mapping controls and evidence to NIST, CIS, MITRE ATT&CK, ISO 27001, and OWASP Top 10.
• Technical experience in managing activities in accordance with agile principles and practices, including the Agile Manifesto, Scrum, Extreme Programming (XP), and Kanban.
• Experience with DevSecOps practices in relation to the integration, operation, and security routines of systems and infrastructure in both public cloud and on-premises environments.
• Experience in defensive security (Blue Team), threat hunting, event analysis, and SOC operations is advantageous.
• Comprehensive knowledge of key security frameworks and best practices, with the capability to implement them in operations: MITRE ATT&CK and D3FEND, NIST, CIS Controls and CIS Benchmarks, ISO 27001, and OWASP Top 10.
• Health Plan
• Life Insurance
• Meal or Food Allowance
• Transportation Allowance
• WellHub Gympass
Uvation
CrowdStrike
Cribl
Mirantis
Get handpicked remote jobs straight to your inbox weekly.