Key skills
Cloud security engineeringAWSTerraformInfrastructure as codeIAMEncryptionNetwork securityLoggingmonitoringEndpoint protectionCompliance frameworksPythonBashPowerShellTypeScriptKubernetesDockerEKSCI/CDCommunicationNetwork SecurityCloud SecurityZero TrustWAF
About this role
Assured is on a mission to modernize insurance by providing software solutions for large insurers. As a Staff Cloud Security Engineer, you will design secure AWS environments, lead security assessments, and collaborate with teams to integrate security controls, ensuring the protection of data and compliance as the company grows.
Responsibilities:
- Design, implement, and scale secure AWS environments that balance innovation and compliance
- Build and maintain Terraform modules and infrastructure-as-code pipelines to ensure consistent, auditable, and secure deployments
- Lead regular security assessments, perform vulnerability testing, and drive incident response efforts
- Collaborate with engineering and DevOps teams to integrate security controls into CI/CD workflows and product lifecycles
- Define IAM strategies, implement network segmentation, apply encryption standards, and establish continuous monitoring practices
- Detect anomalies, investigate alerts, and respond to evolving threats across our cloud ecosystems
- Guide peers on secure design, share knowledge of emerging risks, and promote cloud security best practices
- Stay ahead of emerging threats and tools while shaping our long-term security strategy with creativity and foresight
Requirements:
- Deep experience in cloud security engineering with a strong focus on AWS
- Mastery of Terraform and infrastructure-as-code principles
- Expertise in IAM, encryption, network security, and logging/monitoring best practices
- Hands-on experience with endpoint protection (EDR, MDM, antivirus, etc.)
- Understanding of compliance frameworks such as SOC 2, ISO 27001, GDPR, or HIPAA
- Strong scripting and automation skills (Python, Bash, PowerShell, or TypeScript)
- Excellent communication and problem-solving abilities across technical and non-technical teams
- Certifications like AWS Certified Security – Specialty, CISSP, or GIAC Cloud Security Essentials (GCLD)
- Familiarity with AWS security services such as GuardDuty, Security Hub, Detective, WAF, CloudTrail, or SIEM platforms
- Experience with container and Kubernetes security (EKS, Docker, Aqua Security)
- Understanding of Zero Trust architectures and modern identity strategies