FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Cloud Security Engineer
BRINC Drones. Conduct a full AWS security posture assessment - IAM, S3 bucket policies, VPC security groups, exposed endpoints, and logging gaps - and deliver a prioritized remediation roadmap .
Posted 4/22/2026full-timeSeattle • Washington • 🇺🇸 United StatesMid-LevelSenior💰 $114,385 - $172,916 per yearWebsite
Tech Stack
Tools & technologiesAWSCloudPythonSDLCSplunk
About the role
Key responsibilities & impact- Conduct a full AWS security posture assessment - IAM, S3 bucket policies, VPC security groups, exposed endpoints, and logging gaps - and deliver a prioritized remediation roadmap
- Activate and tune AWS Security tools across all accounts and regions
- Enforce least-privilege IAM - eliminate wildcard permissions, audit all existing roles, and implement role-based access patterns
- Enable AWS Config Rules and automated remediation for common misconfigurations - public S3 buckets, unencrypted volumes, unrestricted security groups
- Design and implement a secrets management strategy
- Establish a vulnerability management program for cloud workloads
- Own cloud infrastructure incident response - detection, triage, containment, and post-incident review
- Implement DLP policies - data classification, external sharing controls, and external forwarding restrictions
- Manage and mature the Zero Trust / VPN solution
- Own SIEM selection and deployment; configure alerting and on-call
- Implement phishing-resistant MFA (hardware keys or passkeys) for privileged accounts
- Conduct annual security awareness training and quarterly phishing simulations
- Maintain security policies: Acceptable Use, Access Control, Incident Response, Vulnerability Management, and Data Classification
- Own SOC 2 Type II continuous compliance and conduct a controls gap assessment
- Partner with Engineering to implement security controls in the SDLC - SAST, dependency scanning, and secrets detection in CI/CD pipelines
- Own the vendor security review process - evaluate third-party tools for risk before procurement
- Maintain a risk register and report quarterly
- Build and own the Incident Response Plan - define severity levels, escalation paths, and communication templates
Requirements
What you’ll need- 5–8 years of security engineering experience with a strong AWS focus
- Hands-on experience with AWS security services - GuardDuty, Security Hub, CloudTrail, Config, IAM, and Service Control Policies
- Demonstrated SOC 2 or ISO 27001 readiness experience - ideally as primary technical lead
- Proficiency in at least one SIEM platform - Splunk, Elastic, Panther, or equivalent
- Scripting/automation ability in Python or Bash
- Google Workspace security and administration experience
- Strong written communication - security policies, runbooks, and executive summaries
- Relevant certifications: AWS Security Specialty, CISSP, CCSP, or CISM
Benefits
Comp & perks- Comprehensive medical, dental and vision plans for our employees and their families
- 401K plan
- Maternity and paternity leave
- Flexible Time Off (Exempt) / Paid time off (Non-Exempt)
- Flexible work environment
- Orca pass (for those in Puget Sound)
- Free parking (Seattle office)
- Free snacks, drinks and espresso (Seattle office)
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
AWS security posture assessmentIAMS3 bucket policiesVPC security groupsAWS Security toolsAWS Config Rulessecrets managementvulnerability managementDLP policiesSIEM
Soft Skills
strong written communicationincident responsecollaboration with Engineeringsecurity awareness trainingrisk management
Certifications
AWS Security SpecialtyCISSPCCSPCISM