Kellton is seeking a Senior Cloud Security Engineer to contribute to security design within AWS. The role involves designing cloud-native security solutions, integrating security into CI/CD pipelines, and improving security engineering patterns.
Responsibilities:
- Contribute to forward-thinking security design within AWS, helping shape patterns that make secure implementation the default for engineering teams
- Design and deliver cloud-native security solutions that enhance visibility, strengthen protection controls, and enable automated detection and remediation across AWS and SaaS environments
- Develop code and infrastructure as code to operationalize security controls using modern tooling and automation frameworks
- Design, deploy, and manage highly available, secure, and scalable cloud security services running in production
- Integrate security capabilities into CI/CD pipelines and engineering workflows to make secure implementation the default
- Partner across and beyond the Information Security organization to turn risk priorities and detection gaps into engineered solutions
- Research, prototype, and validate new approaches, then carry them through architecture, documentation, and full production implementation
- Provide risk assessments and data-driven recommendations that influence engineering and security decisions
- Identify systemic security weaknesses and implement durable, automated fixes that reduce recurring risk
- Strengthen reusable cloud security patterns, reference architectures, and automation frameworks to increase consistency and speed
- Operate and continuously improve security tooling and services, including tuning, upgrades, and integrations
- Contribute to forward-looking design within AWS to enhance resilience, observability, and operational maturity
- Evaluate and promote new security standards, tools, and automation approaches that increase scale and effectiveness
Requirements:
- 3 to 5 years of hands-on experience in cyber defense, including threat hunting, detection engineering, or incident response within a cloud or enterprise environment
- Practical experience working in AWS environments, including investigating activity using telemetry such as CloudTrail, IAM logs, VPC Flow Logs, and CloudWatch
- Experience writing and tuning SIEM queries and detections, with a strong understanding of how to improve signal-to-noise and reduce false positives
- Experience executing structured threat hunts, including forming hypotheses, analyzing data, documenting findings, and recommending actionable improvements
- Experience supporting incident response activities, including log analysis, impact scoping, and clear documentation of findings and remediation steps
- Familiarity with attacker behaviors and frameworks such as MITRE ATT&CK, and the ability to apply them in practical detection and investigation scenarios
- Working knowledge of scripting or automation using tools such as Python, PowerShell, or Bash to improve efficiency in investigations and reporting
- Experience with Sumo Logic is a plus