Key skills
AWSGCPAzurecloud security principlessecurity automationSOC 2ISO 27001GDPRHIPAAIAMnetwork securityTerraformAWS CloudFormationPythonBashSIEMIDS/IPSvulnerability managementcloud security certificationscontainer securityDevSecOpsZero TrustKubernetesDockerCloudFormationAzure ADCI/CDCommunicationNetwork SecurityCloud Security
About this role
Workstreet is a fast-growing startup focused on helping businesses scale securely through innovative security and compliance programs. They are looking for a Cloud Security Engineer to design, implement, and maintain security controls for clients, ensuring compliance with various frameworks and enhancing cloud security posture across AWS, GCP, and Azure environments.
Responsibilities:
- Implement Cloud Security Controls: Apply and maintain security best practices across AWS, GCP, and Azure to ensure alignment with compliance and regulatory standards
- Assess Cloud Environments: Evaluate client infrastructures to identify security risks, misconfigurations, and vulnerabilities, providing targeted remediation recommendations
- Deploy and Manage Security Tools: Configure and maintain SIEM, IDS/IPS, vulnerability management, and identity solutions to strengthen cloud security posture
- Support Compliance Initiatives: Contribute to SOC 2, ISO 27001, and HIPAA efforts through control implementation, testing, and evidence validation
- Automate Security Operations: Develop and manage infrastructure-as-code (IaC) scripts to streamline and enforce consistent cloud security controls
- Conduct Cloud Security Reviews: Perform architecture assessments and configuration reviews to ensure secure design and adherence to best practices
- Collaborate with Engineering Teams: Integrate security practices into CI/CD pipelines and development workflows to prevent vulnerabilities early in the lifecycle
- Assist in Incident Response: Investigate and remediate cloud-related security incidents to minimize exposure and restore integrity
- Communicate with Clients: Engage directly with clients via multiple channels to address security inquiries and deliver actionable guidance
Requirements:
- Hands-on experience securing AWS, GCP, or Azure environments
- Strong understanding of cloud security principles, IAM, network security, and compliance controls
- Proficiency in security automation using tools like Terraform, AWS CloudFormation, Python, or Bash
- Working knowledge of compliance frameworks such as SOC 2, ISO 27001, GDPR, or HIPAA
- Experience with Microsoft security and identity ecosystem, including Azure, Microsoft Entra (Azure AD), EDR, MDM, and VDI environments
- Excellent troubleshooting and problem-solving abilities
- Strong written and verbal communication skills in English
- Ability to manage multiple client projects and interact directly with US-based clients
- Reliable high-speed internet connection
- Quiet, professional home office setup
- Must be amenable to working US Eastern Time zone hours
- Fluency in written and verbal English communication skills
- Experience with SIEM, IDS/IPS, vulnerability management, and log analysis tools
- Relevant cloud security certifications (e.g., AWS Certified Security – Specialty, GCP Security Engineer, CISSP, CISM, or CISA)
- Familiarity with container security (Docker, Kubernetes) and DevSecOps practices
- Understanding of Zero Trust and identity-centric security models
- Prior experience working in a fast-paced startup or managed security environment