Senior Cloud Security Engineer
: Job Details :

• 3 months Contract-to-Hire.
• Candidates must currently reside in Wichita, Kansas, or be willing to relocate to Wichita before the start date.
• Not accepting 3rd party resumes.
• W2 ONLY, No C2C.

Overview:

We are seeking a talented and driven Cloud Security & Infrastructure Operations Engineer to join our client's growing team. This role combines cloud security expertise with hands-on experience in cloud infrastructure operations, focusing on maintaining the security, performance, and cost-efficiency of cloud environments. The ideal candidate will have a strong background in AWS cloud solutions, cloud security tools, and infrastructure automation, along with excellent communication and project management skills.

Key Responsibilities:

Security Vulnerability Discovery and Remediation:

• Use Cloud Security Posture Management (CSPM), CIEM, and other security tools to identify and mitigate cloud security risks.
• Develop monitoring and alerting processes, and define remediation expectations for cloud misconfigurations and vulnerabilities.
• Analyze and communicate security risks to stakeholders, prioritizing remediation efforts based on risk severity.
• Collaborate with software engineers and product teams to ensure secure software development practices.
• Provide recurring reports on cloud security risks to IT Directors.

Workload Protection Services (WAF Management):

• Design, deploy, and monitor Web Application Firewall (WAF) rules across workloads, ensuring effective security protection while minimizing false positives.
• Manage security protections for internet-facing workloads, including custom rule creation and troubleshooting.
• Escalate security incidents to the Security Operations Center as needed.

Remote Access Solutions:

• Design and implement secure remote access solutions, such as Zscaler ZPA or AWS Client VPN services.
• Collaborate with Cloud Operations to fulfill remote access requests.

Cloud Infrastructure Troubleshooting:

• Troubleshoot cloud infrastructure issues, such as connectivity, capacity, and performance problems, working closely with software engineers.
• Ensure proper ownership and management of cloud resources.

IAM Management Services:

• Create and test standard IAM roles and policies based on least privilege principles.
• Monitor and remediate overprivileged roles, collaborating with customers to ensure security compliance.
• Manage roles and policies using Terraform in GitLab pipelines to ensure consistent enforcement.

EC2 Management:

• Oversee the creation and automation of EC2 instances, assisting the server management team with cloud-specific issues.
• Contribute to hybrid cloud networking design and troubleshooting, ensuring long-term success of EC2 environments.

Cloud Service Management:

• Review and assess cloud services for security risks and supportability, collaborating with customers to define service needs.
• Implement new reference architectures and standards for secure and efficient cloud services.

Application Cloud Infrastructure:

• Work with software engineers and architects to design and maintain cloud-based application solutions.
• Assist with experimentation on new cloud services and solutions.

FinOps Program Management:

• Operate and manage the FinOps program to ensure efficient cloud cost management across product teams and software engineers.
• Identify cost trends and anomalies, collaborating with teams to take corrective actions when necessary.
• Develop automation for cost remediation, ensuring workloads remain cost-efficient.
• Provide recurring executive-level reports on cloud spend trends, including rightsizing recommendations for major cloud services (e.g., compute, storage).

Required Qualifications:

• Expertise with AWS, including AWS Solutions Architect and Security certifications.
• Proficiency in Terraform, Python, GitHub, GitLab, and AWS IAM management.
• Strong understanding of cloud security principles, CSPM, and CIEM tools.
• Experience with remote access solutions, such as Zscaler ZPA or AWS Client VPN.
• Demonstrated ability to manage and troubleshoot cloud infrastructure issues.
• Strong experience with IAM role and policy creation using Terraform and GitLab pipelines.
• Excellent verbal and written communication skills, with the ability to lead projects and manage work independently.

Preferred Qualifications:

• Additional cloud certifications (e.g., Azure, GCP, etc.).
• Experience with Kubernetes.
• Experience with InsightCloudSec or other CSPM tools.

Education:

• A Bachelor's degree in a relevant field is preferred but not required.

Soft Skills:

• Strong project management and organizational skills.
• Ability to prioritize tasks and manage multiple projects simultaneously.
• Strong interpersonal skills with the ability to collaborate effectively with diverse teams.

Our Commitment

ECCO Select is committed to hiring and retaining a diverse workforce. ECCO Select's policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category.

Equal Employment Opportunity is The Law

This Organization Participates in E-Verify