AWS Cloud Security Engineer

To Apply for this Job Click Here

Cloud Security Architect / Engineer
Location: Remote
FTE

Overview

Our client is seeking a Cloud Security Architect/Engineer to help design, build, and continuously improve secure AWS cloud environments—while also addressing modern risks across workforce security, DevSecOps, and AI/GenAI use cases. This role partners closely with engineering, product, enterprise systems, and data science teams to embed security into how systems are built and operated.

What You’ll Do:

Cloud Security Architecture

• Design and implement secure cloud architectures in AWS.

• Build and maintain security guardrails and standards (IAM, network segmentation, encryption, etc.).

• Apply Zero Trust principles across cloud systems and user endpoints.

• Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.).

• Review existing cloud implementations, identify gaps, and drive remediation priorities.

Workforce / Identity Security

• Define and enforce endpoint and access controls.

• Improve identity lifecycle processes and privileged access management (PAM).

• Partner with engineering teams to implement a secure VDI environment to support PHI access.

AI/ML & GenAI Security

• Define security controls for AI/ML and GenAI applications.

• Work with Data Science to reduce risks like model poisoning, prompt injection, data leakage, and adversarial attacks.

• Secure agentic AI systems (autonomous workflows / decision-making agents).

• Help embed security into the model development lifecycle (MLSecOps).

Compliance, Risk, and Assurance

• Partner with GRC to support compliance with healthcare frameworks and regulations (HIPAA, HITRUST, SOC 2, etc.).

• Perform risk assessments and threat modeling for cloud and AI systems.

• Support audits by ensuring controls and documentation are in place.

Detection, Response, and Automation

• Implement and tune cloud-native monitoring/detection (SIEM, CSPM, CWPP).

• Build automated response/remediation workflows.

• Support incident response for cloud security events.

DevSecOps

• Integrate security into CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation).

• Automate scanning and enforcement using tools and modern practices (SAST, DAST, SCA), including AI-assisted coding tools.

• Partner with engineering to “shift security left.”

Leadership

• Mentor teammates and promote best practices across teams.

• Stay current on emerging cloud and AI security threats.

What We’re Looking For (Must-Haves)

• 5+ years in cloud security or cybersecurity engineering.

• Strong AWS security fundamentals (IAM, networking, encryption, logging/monitoring).

• Experience securing containers (Kubernetes and/or Docker).

• Experience working in regulated environments (HIPAA, HITRUST, SOC 2).

• Experience implementing automation to improve security outcomes.

• Experience with Zero Trust architecture concepts and implementation.

• Scripting/programming ability (e.g., Python; familiarity with Java/Node.js/C# is a plus).

• Ability to influence and lead cross-functional work without direct authority.

Nice-to-Haves

• CISSP, CCSP, and/or AWS Security certifications.

• Master’s degree in a relevant field.

To Apply for this Job Click Here

Equal Employment Opportunity Statement
Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.