
Cloud Security Engineer, DevSecOps Engineer
Posted 11 hours ago

This is a fully remote position, open to applicants in New York.
• Assess, enhance, and assist in the design of secure architectures within AWS and Microsoft Azure environments.
• Implement and uphold cloud security measures pertaining to IAM, network segmentation, encryption, logging, key management, backups, secure configuration, and access control.
• Detect and resolve cloud misconfigurations, excessive permissions, insecure storage, public exposure, weak logging, and absent security controls.
• Collaborate with engineering and infrastructure teams to embed security checks and DevSecOps methodologies into CI/CD workflows.
• Manage and refine vulnerability management processes, encompassing scanning, validation, prioritization, remediation tracking, reporting, and exception reviews.
• Utilize security monitoring and telemetry platforms to aid in alert triage, endpoint visibility, log examination, investigation, and enhancement of detection capabilities.
• Assist in compliance monitoring, evidence gathering, control mapping, and readiness for audits using Vanta and Compyl.
• Align technical controls with compliance obligations, internal policies, customer security expectations, and audit evidence requirements.
• Engage in threat modeling and security assessments for new applications, infrastructure modifications, cloud deployments, and third-party integrations.
• Aid in incident response efforts, including alert investigation, log analysis, evidence collection, containment suggestions, and post-incident enhancements.
• Enhance identity and access management practices, emphasizing least privilege, MFA, conditional access, service principals, role reviews, privileged access controls, and access certification support.
• Develop and uphold security documentation, cloud security standards, control narratives, runbooks, remediation procedures, and architecture diagrams.
• Facilitate the implementation and maintenance of security benchmarks and frameworks such as CIS, NIST, SOC 2, ISO 27001, HIPAA, FedRAMP Moderate, and HITRUST.
• Convert security and compliance requirements into actionable technical tasks for engineering, IT, and infrastructure teams.
• 3–5 years of experience in cybersecurity, cloud security, DevOps, infrastructure, systems administration, security operations, compliance operations, or a similar technical role.
• Practical experience with AWS and/or Microsoft Azure, demonstrating the ability to operate across both platforms.
• Proficient understanding of cloud security principles, including IAM, network controls, encryption, logging, monitoring, workload security, and shared responsibility models.
• Familiarity with common AWS security services like IAM, CloudTrail, CloudWatch, GuardDuty, Security Hub, KMS, Config, S3 security, or VPC controls.
• Experience with typical Azure security services such as Microsoft Entra ID, Azure Policy, Defender for Cloud, Key Vault, Network Security Groups, Log Analytics, Sentinel, or related offerings.
• Background in vulnerability management tools including Rapid7 InsightVM, Nexpose, InsightCloudSec, InsightIDR, or comparable platforms.
• Knowledge of SIEM, endpoint monitoring, log analysis, or security telemetry tools such as Wazuh, Rapid7 InsightIDR, Microsoft Sentinel, or similar solutions.
• Familiarity with compliance automation, GRC, or audit readiness platforms like Vanta, Compyl, or similar applications.
• Ability to analyze vulnerability, cloud posture, endpoint, and compliance findings, prioritizing remediation based on risk levels.
• Working knowledge of secure configuration, patch management, asset inventory, evidence collection, vulnerability remediation, and exception management workflows.
• Basic to intermediate scripting or automation skills using Python, PowerShell, Bash, Terraform, or similar tools.
• Excellent communication and documentation abilities, including the capacity to articulate technical risks, draft clear procedures, and propose practical remediation strategies.
• Exceptionally generous paid time away from work
• A variety of paid leave programs
• Savings opportunities with 401(k) and incentive plans
• Internal education programs
• Full array of health benefits
• Fitness reimbursement
• Cell phone subsidy
• Casual offices with snacks and drinks
• Peer recognition programs
• Health advocacy and employee assistance programs
• Pet insurance