Cloud Security Engineer

Our client is seeking a Cloud Security Engineer to help design, build, and continuously improve secure AWS cloud environments—while also addressing modern risks across workforce security, Dev Sec Ops , and AI/GenAI use cases. This role partners closely with engineering, product, enterprise systems, and data science teams to embed security into how systems are built and operated.

• Design and implement secure cloud architectures in AWS.
• Build and maintain security guardrails and standards (IAM, network segmentation, encryption, etc.).
• Apply Zero Trust principles across cloud systems and user endpoints.
• Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.).
• Review existing cloud implementations, identify gaps, and drive remediation priorities.

• Define and enforce endpoint and access controls.
• Improve identity lifecycle processes and privileged access management (PAM).
• Partner with engineering teams to implement a secure VDI environment to support PHI access.

• Define security controls for AI/ML and GenAI applications.
• Work with Data Science to reduce risks like model poisoning, prompt injection, data leakage, and adversarial attacks.
• Secure agentic AI systems (autonomous workflows / decision-making agents).
• Help embed security into the model development lifecycle (MLSecOps).

• Partner with GRC to support compliance with healthcare frameworks and regulations (HIPAA, HITRUST, SOC 2, etc.).
• Perform risk assessments and threat modeling for cloud and AI systems.
• Support audits by ensuring controls and documentation are in place.

• Implement and tune cloud-native monitoring/detection (SIEM, CSPM, CWPP).
• Build automated response/remediation workflows.
• Support incident response for cloud security events.

• Integrate security into CI/CD pipelines and infrastructure-as-code (Terraform, Cloud Formation).
• Automate scanning and enforcement using tools and modern practices (SAST, DAST, SCA), including AI-assisted coding tools.
• Partner with engineering to “shift security left.”

• Mentor teammates and promote best practices across teams.
• Stay current on emerging cloud and AI security threats.

• 5+ years in cloud security or cybersecurity engineering.
• Strong AWS security fundamentals (IAM, networking, encryption, logging/monitoring).
• Experience securing containers (Kubernetes and/or Docker).
• Experience working in regulated environments (HIPAA, HITRUST, SOC
  2).
• Experience implementing automation to improve security outcomes.
• Experience with Zero Trust architecture concepts and implementation.
• Scripting/programming ability (e.g., Python; familiarity with Java/Node.js/C# is a plus).
• Ability to influence and lead cross-functional work without direct authority.

• CISSP, CCSP, and/or AWS Security certifications.