Tokenization Engineer
Listed on 2026-07-18
-
IT/Tech
Cybersecurity, Cloud Computing: Infrastructure & Operations, Data Security, AWS
AWS Engineer
We are seeking a skilled AWS Engineer with strong experience in tokenization, data security, and containerized application management. The ideal candidate will have deep technical expertise in AWS cloud services, automation, scripting, and data security framework. This role requires hands-on experience with EKS clusters, CFT updates, and secure data handling (PII/confidential data masking and tokenization).
Key Responsibilities- Design, build, and maintain containerized applications on AWS (EKS/ECS) using automation and custom scripts.
- Implement and manage tokenization and detokenization processes to protect PII and confidential data.
- Work with data security tools to ensure compliance with internal and external security standards (e.g., PCI DSS, GDPR).
- Build and maintain infrastructure as code (IaC) using Cloud Formation Templates (CFTs) and automation pipelines.
- Develop and manage scripts (Python, Shell, Ansible, etc.) to automate application builds and deployments.
- Collaborate with security and data engineering teams to implement data masking, token mapping, and encryption solutions.
- Monitor, optimize, and troubleshoot EKS clusters, ensuring high performance and scalability.
- Maintain documentation on infrastructure design, tokenization workflows, and data protection measures.
- Participate in audits, reviews, and assessments of data security systems.
- 6–10 years of total IT experience with a strong focus on AWS Cloud Engineering and Data Security.
- Hands-on experience with AWS services – EC2, EKS, Lambda, S3, IAM, Cloud Formation, and KMS.
- Proven experience in containerization and Kubernetes (EKS) management, including upgrades and patching.
- Proficiency in Python scripting and automation for build/deployment processes.
- Strong understanding of tokenization concepts, token mapping, and data masking techniques.
- Experience with data security tools used for tokenization/detokenization and encryption key management (e.g., Protegrity, Thales Cipher Trust, Voltage Secure Data, or similar).
- Deep knowledge of PII and confidential data protection standards.
- Experience updating and maintaining Cloud Formation Templates (CFTs) and other IaC frameworks.
- Solid understanding of security compliance frameworks (PCI DSS, GDPR, HIPAA).
- Exposure to ETL tools and data pipelines (Informatica, IICS).
- Familiarity with Dev Sec Ops and integrating security within CI/CD pipelines.
- Knowledge of AWS KMS, encryption mechanisms, and key rotation policies.
- Strong analytical and problem-solving abilities.
- Excellent communication and documentation skills.
- Ability to collaborate with cross-functional teams (Dev Ops, Data, Security).
- Self-driven with a proactive approach to automation and process improvement.
About Us Stratacent is an IT Managed Services firm, headquartered in Jersey City, NJ, with two global delivery centers and offices in New York City, India, London and Canada. We are a leading IT services provider focusing in Financial Services, Insurance, Healthcare and Life Sciences. We help our customers in their digital transformation journey and provide solutions around Cloud Services, Automation, Data and Analytics, Application Development, IT Service Management and Cyber Security.
We have partnerships with AWS, Azure, Google Cloud Platform, Automation Anywhere, Snowflake and SAS.
- Health Insurance
- Vision Plan
- Dental Plan
- Health Saving Account (HSA)
- Paid Time Off and Vacations
- 401K Plan
- Continuous Learning Program
Stratacent is an equal opportunity employer. As such, to the extent defined by federal, state, and municipal law, Stratacent will not discriminate against any employee or applicant for employment on the basis of race, color, creed, religion, age, sex, national origin, ancestry, handicap, or any other factor protected by law.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).