Guidehouse is a leading consulting firm, and they are seeking an experienced AWS Cloud Security Engineer to design, implement, and maintain security controls across AWS cloud environments. The role focuses on safeguarding cloud workloads, ensuring compliance with industry standards, and driving best practices in identity management, monitoring, and threat detection.
Responsibilities:
- Design and implement secure architectures within AWS using services such as IAM, KMS, CloudTrail, Config, and third-party tools/services like Sentry, Datadog, etc.
- Implement and manage centralized logging, monitoring, and alerting solutions
- Conduct threat modeling, vulnerability scanning, and penetration testing
- Ensure AWS environments comply with security frameworks (CIS Benchmarks, NIST, HIPAA, FedRAMP, SOC 2 etc.) as applicable
- Support incident detection, investigation and response within AWS workloads
- Maintain and monitor audit trails across accounts and services
- Work with compliance and risk teams to align security with regulatory requirements
- Automate security controls and compliance checks with Infrastructure as Code (IaC) (Terraform, CloudFormation etc.)
- Integrate security into CI/CD pipelines, enabling secure build and deployment processes
- Collaborate with DevOps/Engineering teams to implement 'shift-left' security practices
Requirements:
- US Citizenship or Green Card is required
- Bachelor's degree. An additional four (4) years of experience can be used in lieu of a degree
- Minimum of Four (4) to Eight (8) years of prior relevant experience in cloud security or cybersecurity roles, with at least 5+ years focused on AWS security
- Expertise in AWS core services (EC2, S3, RDS, Lambda, ECS/EKS, CloudFront, Route 53, IAM, etc.)
- Assist senior transition team in account handoff validation, CI/CD pipeline validation, GitHub Actions audit, CodeBuild job review, Argo sync check, artifact migration, secrets verification, deployment dry runs, rollback prep, cutover support
- Monitor deployment pipeline and build status, build troubleshooting, deployment automation, Helm chart maintenance, Dockerfile updates, environment config management, release coordination, developer support
- Ownership of services like GitHub Actions, AWS CodeBuild, ArgoCD, Helm charts, Dockerfiles, secrets management, environment variables, deployment workflows, Terraform templates
- Proven ability to work autonomously and collaborate, mentor, help, and support other team members, as needed to solve complex operational and reliability problems
- Strong development background in Python, Bash or similar
- No visa sponsorship available for this position
- Must be able to OBTAIN and MAINTAIN a Federal or DoD 'PUBLIC TRUST'; candidates must obtain approved adjudication of their PUBLIC TRUST prior to onboarding with Guidehouse. Candidates with an ACTIVE PUBLIC TRUST or SUITABILITY are preferred
- AWS Certified Security – Specialty (Highly desirable)
- AWS Certified Solutions Architect or DevOps Engineer certifications
- CISSP, CISM or GIAC certifications