Senior Cloud Security Engineer (7-12 Years)

Job Description

About the role

We are seeking an experienced and innovative Senior Cloud Security Engineer or Cloud Security Architect with a strong focus on AWS Security Specialty. As an individual contributor with extensive expertise in cloud security, you will play a pivotal role in enhancing and maintaining the security of our AWS infrastructure and services. Your responsibilities will include driving process automation, designing and implementing cutting-edge security solutions, and overseeing various cloud-related aspects such as network security, backup, content delivery, vulnerability scanning, configuration management, application security, Route 53, Control Tower, traffic management, pattern identification, and certificate management.

Automation will be a central aspect of your engineering work as you advocate for and implement best practices. You will be responsible for leading the technical direction in cloud security and driving the implementation of security measures to protect our AWS environment.


Your responsibilities will include
  • Conduct security assessments, including penetration testing, vulnerability assessments, and security audits, to identify security vulnerabilities in web applications, networks, systems, and infrastructure.
  • Perform penetration tests on web applications, mobile applications, APIs, and network infrastructure to identify vulnerabilities such as SQL injection, XSS, CSRF, and other security issues.
  • Utilize automated tools and manual techniques to assess security risks and exploit vulnerabilities, simulating real-world cyber-attacks.
  • Develop and execute advanced penetration testing plans, encompassing scoping, reconnaissance, exploitation, and thorough reporting.
  • Collaborate closely with development and operations teams to address security vulnerabilities and provide expert recommendations for effective mitigation strategies.
  • Implement pattern identification and behaviour analysis mechanisms to detect and respond to anomalous activities across the infrastructure.
  • Stay updated with the latest AWS security threats, vulnerabilities, and best practices, and proactively implement necessary countermeasures to enhance security posture.
  • Collaborate with cross-functional teams to establish and enhance incident response plans and actively participate in security incident investigations and resolution.
  • Provide expert guidance and support to other teams, advising on secure AWS development practices, security guidelines, and threat mitigation techniques.
  • Document sophisticated security processes, procedures, and guidelines, contributing to the development of comprehensive security policies and standards specific to AWS.

What we are looking for
  • Proven experience as a Senior Cloud Security Engineer, Cloud Security Architect, or a related role with a strong focus on penetration testing in AWS environments.
  • Hands-on experience with penetration testing tools and frameworks, such as Kali Linux, Burp Suite, Metasploit, and Nessus, specifically applied to AWS environments.
  • Strong understanding of common web application vulnerabilities (e.g., OWASP Top 10), network protocols, and security technologies.
  • Familiarity with security frameworks and standards, such as NIST Cybersecurity Framework and PCI DSS, as applied to AWS environments.
  • Strong understanding of penetration testing methodologies, tools, and frameworks.
  • Proficiency in using various security tools, including but not limited to Burp Suite, Metasploit, Nmap, Nessus, Wireshark, etc.
  • Knowledge of web application security, mobile application security, network security, and secure coding practices.
  • Demonstrated analytical and problem-solving skills, with the ability to assess risks and recommend appropriate security controls.
  • Excellent communication and collaboration skills, with the ability to work effectively across cross-functional teams and present complex security concepts to non-technical stakeholders.
  • AWS Certified Security - Specialty or higher certification is highly desirable.

Bonus Points
  • Experience in working within a high-growth environment.
  • Security professional certifications encouraged (CISSP, CEH, OSCP, etc.)
  • Experience in other cloud platforms (Azure, Google)
  • Experience in payments
  • Experience with PCI compliant environments (PCI-DSS, etc.)