YipitData is a leading market research and analytics firm specializing in the disruptive economy. They are seeking a Cloud Security Engineer to protect their cloud-native infrastructure and SaaS ecosystem, focusing on designing and maintaining security controls while ensuring compliance in a fast-paced environment.
Responsibilities:
- Design, implement, and maintain security controls across our AWS environment
- Manage and tune AWS-native security tooling (GuardDuty, Security Hub, CloudTrail, Inspector, etc.)
- Develop and enforce infrastructure-as-code (IaC) security policies using tools such as Terraform
- Conduct periodic reviews of AWS account architecture, SCPs, and organizational unit (OU) structures to ensure least-privilege and segmentation best practices
- Collaborate with Platform Engineering teams to shift our security posture left by embedding security into CI/CD pipelines
- Monitor, investigate, and respond to cloud security alerts and incidents within AWS environments
- Build and maintain cloud-focused detection rules, alerts, and dashboards within Datadog Security (Cloud SIEM, Cloud Security Management, Application Security)
- Develop and operationalize Datadog detection rules, log pipelines, and security signals in collaboration with the SOC team to provide real-time visibility across AWS infrastructure, application logs, and cloud workloads
- Correlate findings from Datadog Security with alerts from Obsidian Security and AWS-native tooling to provide a unified view of risk across cloud and SaaS environments
- Develop automated response playbooks for common cloud and SaaS security events
- Participate in incident response activities, including investigation, containment, and post-incident review for cloud and SaaS-related security events
- Conduct threat modeling exercises for cloud architectures and SaaS integrations
- Support compliance initiatives (e.g., SOC 2 or other frameworks as applicable) by implementing and evidencing technical controls in AWS and SaaS environments
- Maintain security documentation including architecture diagrams, runbooks, and policy documents
- Contribute to internal security audits and third-party assessment processes
- Track and remediate findings from vulnerability scans, penetration tests, and cloud security assessments
Requirements:
- 5+ years of experience in information security, cloud security, or security engineering roles
- 3+ years of hands-on experience with AWS security services and architecture (IAM, VPC security, CloudTrail, GuardDuty, etc.)
- Strong understanding of cloud-native security principles including least privilege, defense in depth, zero trust, and shared responsibility models
- Hands-on experience with Datadog Security or similar cloud-native SIEM/observability platforms (Cloud SIEM, security signal management, log pipeline configuration, custom detection rules)
- Proficiency with Infrastructure-as-Code (Terraform, CloudFormation, or CDK) and policy-as-code frameworks
- Working knowledge of container and serverless security
- Solid scripting/automation skills in Python, Bash, or similar languages
- Familiarity with common security frameworks and standards (NIST CSF, CIS Benchmarks, SOC 2, ISO 27001)