Senior Cloud Security Engineer

Location: Boston, Massachusetts, United States
Salary: competitive
Sectors: Banking IT
Job Type: Permanent

Job Overview

This is a senior, hands-on technical AWS Security/DevOps engineer position on an infrastructure/DevOps team. The role is responsible for driving the IT Cloud transformation, implementation and evangelism of our upcoming next-gen IT platform, and for ensuring that security is defined and implemented. This role will help drive architecture principles and best practices to be leveraged across the organization.

This transformation (managed by the team) will include:

  • Identification of the use-case to consume Public Cloud based on the pillars we defined.
  • Identification and containerization (Docker/K8S stack) of the applications that will need scalability / elasticity / fast provisioning.
  • CI/CD and Blue Green deployment approach.
  • "APIzation" of Infrastructure to serve CI/CD deployment.
  • This position will define and propose IT transformations to the team. A main focus for this position will be to design, implement, integrate and maintain all aspects of IT security as it pertains to our AWS Cloud transformation initiatives.


  • This is a senior AWS Security DevOps engineer position within our Infrastructure / DevOps team. This role will drive, contribute to and support the AWS Cloud IT security strategy for us.
  • Design, drive and roll out the AWS Services Sandbox environments required for AWS training and for AWS Services exploration by research and developer groups.
  • Design, drive and roll out the IT Security controls necessary for each new AWS service that we will deploy, either via AWS Service Catalog or as native deployments.
  • Design, drive and roll out the IT Security controls necessary for AWS multi-account management automation stacks.
  • Collaborate with Network Engineering and Cyber Security teams to integrate AWS Cloud designs, initiatives and controls into other platforms and workflows.
  • Provide exceptional AWS Cloud security expertise at a very technical level, focused on design, engineering and operational support towards the successful delivery of this IT transformation.
  • Participate in deep Cloud architectural discussions and drive topics, directions and problem solving outcomes to ensure solutions are designed for successful security controls for Cloud technologies; AWS public/private cloud, SaaS solutions and on-prem.
  • Build and maintain effective partnerships with key cross-functional leaders and team members. Transversal leadership and the ability to federate are key for this team position (you will be part of the Scrum Cloud Team and you will need to liaise with the IT Security chapter).
  • Educate and coach project team members, sponsors, and functional leaders on Cloud security aspects, and their roles in effective change.
  • Facilitate and advance high level strategic decision making through detailed analyses and material preparations.
  • Recommend appropriate new or revised process management tools and practices around IT Cloud Security you will manage.
  • Design, guide and support multiple security Cloud work stream leads through the design and implementation of targeted change strategies including identification of change impacts to people, process, policy, and structure, stakeholder identification and alignment, appropriate communication and feedback loops, success measures, training, organizational readiness, and long-term sustainability.


  • Bachelor's (Master's preferred) degree in Computer Engineering or related field; at least 7 years of prior experience, financial services exposure is a plus.
  • Proven record of similar experience securing AWS Cloud for a firm, with solid knowledge of the pros and cons of each security tool provided by AWS. This experience needs to have involved automation (Python).
  • Proven record of building DevSecOps APIs to support an "Infra As Code" approach in a CI/CD context, meaning solid experience with Python/Flask-RESTPlus/Swagger and CI/CD/Blue-Green deployment (Git/GitLab/GitLab CI).
  • Experience with securing Docker containers and Kubernetes stacks.
  • Working on a daily basis with Python / Boto3.
  • Working on a daily basis with Kanban or Agile Scrum sprints.
  • Strong motivation to enhance cyber security controls and processes.
  • Strong passion for technology, a willingness to learn new skills and the ability to evangelize.
  • Self-motivated and self-directed, ability to translate technical direction into functional solutions.
  • Ability to work effectively, managing multiple priorities while collaborating with cross-functional teams.
  • Proven ability to investigate complex issues spanning multiple technologies and drive to completion.
  • Ability to work with vendors, management, and staff at all levels within the organization.
  • Complete understanding of AWS Cyber Security services and platforms, including but not limited to: GuardDuty, Inspector, AWS Config, Tower, Detective, Security Hub, Macie, CloudWatch, CloudTrail and STS.
  • Complete understanding of AWS access control methods and options, including but not limited to: KMS, IAM, Bucket Policies, permission boundaries, SCP and Organizations.
  • Complete understanding of AWS Networking components, including but not limited to: Transit Gateways, VPC, API/HTTP Proxy and Bastions.
  • Complete understanding of, and ability to automate and integrate, services and applications using (but not limited to) Lambda functions, CloudFormation and post-scripting, with the concept of "least privileged" access controls.
  • Understanding of MITRE ATT&CK framework techniques and methodologies and how those pertain to our cloud design and provisioning.
  • Ability to review ad hoc AWS Services and/or alternative integrations into cloud and understand how to integrate

Sthree US is acting as an Employment Agency in relation to this vacancy.
