Logix Guru is seeking a Cloud Solutions Engineer: IV (Lead) to design, develop, and maintain hardening modules aligned with CIS Benchmarks for various operating systems in cloud environments. The role involves architecting automated pipelines, implementing compliance measures, and collaborating with security teams to ensure robust cloud security practices.
Responsibilities:
- Design, develop, and maintain CIS Benchmark–aligned baseline hardening modules using Puppet (Puppet DSL, Hiera) for Linux distributions (RHEL 8/9, Ubuntu, Amazon Linux, etc.) and Windows Server versions (2019/2022/2025) running on cloud platforms
- Design and harden Amazon Machine Images (AMIs), Azure Images, and GCP VM Images using Packer, embedding CIS Benchmarks and organizational security controls directly into the base image
- Architect, automate, and maintain Packer‑based pipelines that build, validate, test, and publish hardened AMIs and base images across multiple environments (dev → prod) with full versioning and governance
- Harden Kubernetes worker nodes and managed node groups (EKS, AKS, GKE, OpenShift) using CIS controls, image‑based baselines, and configuration enforcement workflows
- Implement continuous compliance and drift detection pipelines using Puppet, custom scripts, and cloud‑native tooling (Config, Policy-as-Code frameworks)
- Generate automated compliance, deviation, and audit‑ready reports to evaluate adherence to CIS Benchmarks, internal standards, and regulatory frameworks
- Collaborate with Security and Audit teams to translate policies, CIS controls, and hardening requirements into automated guardrails for cloud workloads and images
- Maintain and enhance reusable Puppet modules, roles/profiles, and Hiera data structures to support scalable hardening across hybrid and multi‑cloud environments
- Validate hardened images and baseline controls through testing frameworks (integration tests, compliance scans, InSpec or equivalent)
- Own the cloud image lifecycle: image creation → CIS hardening → validation → signing → publishing → rotation → deprecation
- Maintain expert‑level Linux and Windows system administration skills to troubleshoot, validate, and enhance hardened cloud images and configurations
- Stay current with CIS Benchmark updates, cloud platform hardening recommendations, and evolving industry best practices for image security and baseline governance
Requirements:
- Bachelor's Degree
- 5 years of experience in cloud OS hardening, configuration management, or cloud security engineering
- Strong Linux and Windows system administration experience
- Strong Puppet development experience (Puppet DSL, Hiera)
- Experience building or maintaining hardened cloud images using HashiCorp Packer
- Experience publishing AMIs or cloud images through automated pipelines (Jenkins, Azure DevOps Pipelines, Harness, etc.)
- Hands-on experience implementing CIS Benchmarks for Linux, Windows, and Kubernetes
- Kubernetes hardening experience with EKS, AKS, GKE, or OpenShift worker nodes
- Familiarity with cloud-native configuration and compliance services (AWS Config, Azure Policy, GCP Security Command Center)
- Proficiency in scripting (Python, Bash, PowerShell, Groovy, Go)
- Experience generating automated compliance/audit evidence for regulated environments (PCI, SOX, FFIEC, ISO, etc.)
- Understanding of cloud networking, identity, logging, and security controls across AWS, Azure, and GCP
- Experience with Git, GitOps practices, and secure pipeline workflows
- Excellent documentation, communication, and analytical skills