Conexess GroupRemote
Cloud Security Engineer- AWS WAF (Remote)
United States of America
Contract
3 weeks ago
H1B Sponsor Likely
Key skills
PythonAIAnalyticsAWSTerraformServerlessGitHubSaaSCI/CDCloud SecurityWAFFirewall
About this role
Conexess Group is aiding a large healthcare client in their search for a Cloud Security Engineer in a remote capacity. This role focuses on modernizing and operating AWS WAF, API security, and application security posture at scale, emphasizing automation and operational execution.
Responsibilities:
- Implement, operate, and tune AWS WAF, Firewall Manager, Shield Advanced, and related AWS security services
- Migrate and maintain AWS WAF policies as code using GitHub SaaS, including CI/CD workflows, versioning, testing, and rollback
- Build automation (Terraform, Python) to deploy, manage, and validate WAF and application security controls at scale
- Integrate WAF, API, and application security telemetry into AWS Security Lake to support detection, investigation, and analytics
- Apply AI‑assisted techniques to:
- Reduce WAF false positives
- Improve rule tuning and coverage
- Accelerate threat detection and log analysis
- Develop automation and scripts to produce actionable outputs from the API Ownership Framework, improving visibility and accountability
- Evaluate and enhance application security posture management (ASPM) and API ownership across cloud‑native applications
- Define and implement Noname remediation requirements, ensuring API posture findings are prioritized, actionable, and consumable by engineering teams
- Support day‑to‑day operations of cloud and application security tooling, including troubleshooting, optimization, and routine automation
- Partner directly with application and platform engineers to integrate WAF, API, and application security controls into CI/CD pipelines
Requirements:
- Bachelor's degree in Computer Science or related field (or equivalent experience)
- 8-12 years of hands‑on security engineering experience, primarily in cloud, application, or API security
- Strong hands‑on experience with AWS WAF operations and tuning
- Practical experience with policy‑as‑code and GitHub‑based CI/CD pipelines
- Experience integrating security logs and findings into AWS Security Lake or similar platforms
- Hands‑on experience with API security platforms (e.g., Noname or equivalent)
- Strong automation skills using Terraform and Python
- Experience with application security posture management and cloud‑native architectures (containers, serverless, microservices)
- Ability to translate security findings into clear, actionable remediation guidance
- AWS Security Specialty, GIAC Cloud Security Automation (GCSA) and/or CCSP preferred