Perform systems administration and maintenance including patching, vulnerability scanning, compliance scanning and remediation, backups, and recovery for cloud workloads.
Support AWS & GCP environments, including Windows and Linux virtual machines, container workloads, and cloud services such as EC2, EBS, S3, RDS, WorkSpaces (AWS), Compute Engine, Cloud Storage, Cloud SQL (GCP), and Active Directory or equivalent identity services.
Configure, update, and maintain security tools for endpoint protection, log collection, vulnerability scanning, and compliance monitoring.
Troubleshoot issues across network, compute, application, and identity layers by reviewing logs, collecting data, and analyzing system behavior.
Implement hardening and compliance controls using CIS Benchmarks, DISA STIGs, and FedRAMP requirements.
Remediate vulnerabilities identified by tools such as Tenable, Trivy, OpenSCAP, Anchore, Twistlock, and others.
Provide quality assurance feedback during system deployments to ensure architecture meets compliance and operational requirements.
Collaborate with Security Analysts to ensure uninterrupted delivery of security services to customers.
Create and maintain documentation including network diagrams, dataflow diagrams, SOPs, and security tool configuration guides.
Support client communications, deliverables, and issue resolution with strong verbal and written communication skills.
Support and mentor junior engineers as and when required.
Serve as primary or backup on-call engineer during assigned rotation.
Respond to after-hours security alerts, infrastructure incidents, outages, and ConMon events.
Perform initial triage, containment, and stabilization using established runbooks.
Investigate and respond to alerts generated.
Escalate complex issues to senior engineers, architects, or compliance teams.
Document incidents, actions taken, and recommended improvements.
Contribute to automation improvements and runbook enhancements.

Requirements

Six (6) or more years of IT engineering and/or cybersecurity experience, with at least three (3) years working in a dedicated cloud security engineering or similar position.
Hands-on experience with both AWS and Google Cloud Platform (GCP).
Ability to diagnose and resolve issues across Linux and Windows systems, network infrastructure, and cloud services.
General systems administration and vulnerability management experience, including system patching and hardening, identity and access management (IAM), and related tasks.
Experience working in a DevSecOps environment, integrating security practices into cloud and infrastructure workflows.
Familiarity with ITSM ticketing systems such as Gitlab (preferred), Jira, ServiceNow, etc.
Ability to work independently during both business hours and on-call periods.
Strong written and verbal communication skills for customer interaction and incident documentation.
Hands-on experience with one or more of the following tools: Splunk Enterprise, Tenable Security Center/Nessus, Invicti/Acunetix, Appgate, Okta, GitLab, Palo Alto Networks Firewalls, TrendMicro Deep Security, Trivy, Anchore, Terraform, CloudFormation, Ansible

Benefits

Health/Dental/Vision
401(k) match
Paid Time Off
STD/LTD/Life Insurance
Referral Bonuses
Professional development reimbursement
Parental leave

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud security engineeringsystems administrationvulnerability managementsystem patchingidentity and access managementDevSecOpstroubleshootingcompliance monitoringautomation improvementsincident documentation

Soft Skills

strong communication skillsmentoringindependent workcollaborationproblem-solvingcustomer interactionquality assurance feedbackdocumentation skillsissue resolutiontriage and containment