Triage and respond to security requests, tickets, and alerts related to cloud infrastructure, IaC, containers, and networking; prioritize and remediate identified risks and misconfigurations.
Perform security reviews and assessments of IaC code, cloud configurations, Kubernetes deployments, virtual networks, firewalls, DNS, and identity services; collaborate with engineers to implement fixes.
Remediate vulnerabilities and compliance gaps in cloud environments (primarily Azure), pipelines, and configurations.
Contribute to the development and maintenance of modular IaC templates, secure pipelines, automation scripts, and security documentation/guidelines.
Partner with platform/software engineers, DevOps, and architects to embed security practices into SDLC, CI/CD, and infrastructure workflows.
Document security controls, procedures, findings, and lessons learned to support compliance and team knowledge sharing.
Support security enablement by creating reusable patterns, updating standards, and assisting with training or guidance for junior team members and Security Champions as needed.
Monitor emerging threats and stay current on cloud security best practices; contribute updates to Aya's IaC methodologies and workflows.

Requirements

Bachelor’s degree in Computer Science, Information Security, or related field preferred, or equivalent experience.
5+ years of hands-on experience in cloud/infrastructure security engineering (or strong mix of platform and application security experience).
Proficiency in scripting (Python, PowerShell, Bash) for automation, focusing on efficiency and maintainability.
Experience with container orchestration (Kubernetes/AKS preferred) and container security.
Hands-on experience in Azure (strongly preferred) and/or multi-cloud environments; strong knowledge of networking (routing, virtual networks, OSI model, DNS, firewalls, IaaS identity services).
Understanding of secure delivery methodologies, compliance frameworks, and DevSecOps practices.
Self-starter with strong action orientation; thrives in fast-paced, Agile environments with minimal supervision.
Preferred: Relevant certifications (e.g., Azure Security Engineer Associate, Security+) and experience in regulated/healthcare/technology settings.

Benefits

Free premium medical, dental, life and vision insurance
Generous 401(k) match
Aya also offers other benefits to those that are eligible and where required by applicable law, including reimbursements and discretionary bonuses
Aya provides paid sick leave in accordance with all applicable state, federal, and local laws. Aya’s general sick leave policy is that employees accrue one hour of paid sick leave for every 30 hours worked. However, to the extent any provisions of the statement above conflict with any applicable paid sick leave laws, the applicable paid sick leave laws are controlling
Celebrations! We hit our goals and reward ourselves.
Company-sponsored virtual events, happy hours and team-building activities are always on the horizon — plus, you get a special treat on your birthday!
Unlimited DTO — we believe in time off!
Virtual yoga, meditation or boot camp classes offered daily

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud security engineeringinfrastructure securityscriptingPythonPowerShellBashKubernetesAzureIaCDevSecOps

Soft Skills

self-starteraction orientationfast-paced environmentAgilecollaborationknowledge sharingtrainingguidance

Certifications

Azure Security Engineer AssociateSecurity+