Indiana Farm Bureau Insurance is seeking a Cloud Security Engineer to design and implement security architectures for AWS cloud environments. The role involves configuring AWS security services, integrating security controls into CI/CD pipelines, and collaborating with development teams to embed security throughout the software development lifecycle.
Responsibilities:
- Designs and implements comprehensive security architectures for AWS cloud environments, including multi-account strategies, network security, and data protection mechanisms
- Configures and manages AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, WAF, and Shield to maintain continuous security monitoring and threat detection
- Integrates security controls into CI/CD pipelines across Jenkins and Bitbucket, implementing SAST, DAST, SCA, and secrets scanning to enable shift-left security practices
- Partners with development teams to embed security throughout the software development lifecycle, providing guidance on secure coding practices, threat modeling, and vulnerability remediation
- Implements and maintains container security for ECS and Kubernetes (EKS) environments, including image scanning, runtime security monitoring, RBAC configuration, and network policy enforcement
- Develops and enforces Infrastructure as Code (IaC) security standards for Terraform and CloudFormation, including policy-as-code implementation, state file protection, and automated security scanning
- Designs and implements authentication and authorization solutions using OAuth, OIDC, and SAML, following Zero Trust principles and least-privilege access models
- Establishes and supports security champion programs within development teams, providing training, resources, and guidance to promote security awareness and best practices
- Conducts security assessments, vulnerability management, and penetration testing coordination to identify and remediate security risks across cloud infrastructure and applications
- Responds to security incidents, conducts forensic analysis, and develops automated remediation runbooks to improve incident response capabilities
- Integrates and manages SIEM and logging solutions for security event correlation, threat detection, and compliance reporting
- Collaborates with DevOps, development, IT, and compliance teams to ensure security requirements are met while enabling business objectives and maintaining operational efficiency
- Mentors junior security engineers, conducts architecture reviews, and contributes to the development of security policies, standards, and procedures
- Stays current with emerging cloud security threats, vulnerabilities, and best practices, recommending and implementing security improvements to strengthen the organization's security posture
- Any additional duties assigned by management
Requirements:
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field, or equivalent work experience
- At least 3-5 years of experience in information security with a strong focus on cloud security
- Demonstrated hands-on experience with AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, and WAF
- Experience designing and implementing security controls in AWS cloud environments
- Proven experience integrating security into CI/CD pipelines using tools such as Jenkins and Bitbucket
- AWS Certified Security – Specialty certification required or must be able to obtain within 12 months
- Strong experience with container composition, runtime environments (ECS, EKS) and container security
- Working knowledge of Infrastructure as Code tools (Terraform, CloudFormation) or ability to learn
- Experience with authentication and authorization protocols including OAuth, OIDC, SAML, and SSO implementations
- Strong experience with Entra ID including conditional access policies, application registrations and RBAC
- Experience with Azure B2C
- Demonstrated experience with code scanning tools, web application firewalls, and vulnerability management
- Strong understanding of DevSecOps principles and shift-left security practices
- Strong communication and leadership skills with the ability to explain technical security concepts to both technical and non-technical audiences
- Strong attention to detail and accuracy
- Ability to work collaboratively across teams and build strong relationships with developers, operations teams, and business stakeholders
- CISSP or equivalent security certification preferred