Design, implement, and maintain security controls across AWS services (EC2, S3, RDS, EKS, ECS, Lambda, API Gateway)
Configure and optimize AWS security services including GuardDuty, CloudTrail, CloudWatch, Security Hub, and AWS Config
Implement VPC security architecture, network segmentation, security groups, and NACLs
Manage CloudFront and ALB security configurations including WAF rules
Secure containerized workloads and serverless architectures
Design and implement least-privilege IAM policies, roles, and permission boundaries
Manage AWS Identity Center (SSO) and integration with Okta
Conduct access reviews and support user provisioning while maintaining security standards
Implement secure service-to-service authentication patterns
Monitor and respond to security alerts from GuardDuty, CloudTrail, and AWS security services
Investigate and remediate security findings from Wiz cloud security platform
Perform threat analysis and security incident investigation
Develop security incident response playbooks for cloud threats
Implement and maintain security controls for Databricks workspaces on AWS
Support SOC 2 and other compliance audit requirements
Maintain security documentation and audit trail evidence
Enforce security policies and compliance standards across AWS accounts
Partner with Engineering, DevOps, and IT teams to integrate security into cloud operations
Automate security processes using Infrastructure as Code
Document security architectures, procedures, and runbooks
Provide security guidance on AWS best practices
Coordinate with external security vendors, testers, and auditors as needed

Requirements

3+ years of hands-on experience securing AWS environments
Deep technical expertise with AWS security services: IAM, Identity Center, GuardDuty, CloudTrail, CloudWatch, Security Hub, AWS Config
Strong experience with core AWS services: EC2, S3, RDS, EKS, ECS, VPC/Networking, Lambda, SQS/SNS, CloudFront, ALBs, API Gateway
Experience with Databricks on AWS, including security configurations and best practices
Hands-on experience with Wiz or similar cloud security posture management (CSPM) tools
Knowledge of identity and access management principles, including federated identity (Okta, SAML, OIDC)
Experience supporting compliance frameworks such as SOC 2, ISO 27001, or similar standards
Scripting skills (Python, Bash, PowerShell) for security automation
Understanding of network security, encryption, and security monitoring in cloud environments
Strong problem-solving skills with ability to investigate and remediate security issues

Benefits

Competitive compensation
Ample career and professional growth opportunities
New Headquarters with an open floor plan to drive collaboration
Health, dental, and vision insurance
Pre-tax savings plans and transit/parking programs
401K with competitive employer match
Volunteer and philanthropic activities throughout the year
Educational and social events
The amazing opportunity to work for a high-flying performance marketing company!

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AWSIAMGuardDutyCloudTrailCloudWatchSecurity HubAWS ConfigDatabricksPythonBash

Soft Skills

problem-solving

Certifications

SOC 2ISO 27001