Act as a subject matter expert in securing Infrastructure as Code (IaC), with a primary focus on the AWS Cloud Development Kit (CDK).
Support and secure our AWS environments by managing and implementing AWS security tooling, including but not limited to AWS Security Hub, Inspector, GuardDuty, AWS WAF, CloudTrail, and others.
Manage and mature IAM Roles and groups, leveraging Access Analyzer, with a focus on advancing an identity and zero trust model.
Lead security application development efforts by implementing and managing security testing tools such as SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing).
Focus on providing architectural guidance and solutions for secure product development.
Proactively classify, triage, and manage security vulnerabilities and risks, providing clear, actionable remediation guidance to development teams.
Act as a subject matter expert, providing actionable recommendations to development teams and assisting with the remediation of security findings.
Assist teams in securing infrastructure code, with a specific focus on the AWS Cloud Development Kit (CDK).
Serve as a backup/on-call resource to support and secure our AWS environments.
Support and secure the delivery pipeline using AWS CodePipeline and GitHub.
Participate in incident detection and threat response activities, helping to identify, contain, and remediate security incidents.
Work with SIEM solutions, manage log ingestion and tuning, and actively respond to security alerts and findings.
Collaborate with engineering teams to design and validate Identity and Access Management (IAM) models for third-party partners and vendors, ensuring least-privilege access to CredLens data assets.
Assist in translating technical security controls into a non-technical context for audit reporting and stakeholder communication.
Support audit and compliance activities for security frameworks such as SOC 2 Type II, ISO 27001, and NIST 800-53, by helping to collect evidence and validate control effectiveness.

Requirements

Proven Seniority: This is not a junior-level role; you have a 5+ year track record of success in DevSecOps, Cloud Security, or Security Engineering.
AWS Expertise: Deep, hands-on experience with AWS security services and cloud best practices.
Security as Code: Proficiency in Infrastructure as Code (IaC) principles; experience with AWS CDK is a plus, but a willingness to master it is essential.
Automation Mindset: Strong scripting and automation skills used to manage vulnerabilities and security testing.
Compliance & Frameworks: A solid understanding of frameworks like SOC 2 Type II, ISO 27001, or NIST 800-53. You can translate these technical controls into clear context for audit reporting.
Audit Readiness: Experience leading evidence collection and supporting external auditors during security assessments.
We prioritize your ability to problem-solve, collaborate, and ensure quality over traditional academic milestones. While a degree in Computer Science or Information Security is welcome, we place higher value on practical, real-world experience and proven industry credentials such as those from ISC2 (CISSP or CCSP), CompTIA Security+, or AWS Certifications (Security or DevOps Specialty).

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills

Infrastructure as Code (IaC)AWS Cloud Development Kit (CDK)AWS Security HubAWS InspectorAWS GuardDutyAWS WAFCloudTrailSASTDASTIdentity and Access Management (IAM)

Soft skills

problem-solvingcollaborationcommunicationleadershipremediation guidancearchitectural guidanceincident responsevulnerability managementstakeholder communicationaudit readiness

Certifications

CISSPCCSPCompTIA Security+AWS Security SpecialtyAWS DevOps Specialty