Cloud Security Engineer

We are seeking a Cloud Security Engineer with deep AWS expertise to secure our cloud infrastructure, applications, and workloads. This role is responsible for designing and implementing security controls, ensuring compliance, and integrating security into DevOps and engineering workflows. The Cloud Security Engineer will play a key role in protecting AWS environments and driving best practices across the organization.

What You’ll Do

- Design and implement AWS security architectures aligned with compliance and best practices.
- Assess cloud security risks, enforce security policies, and support audits across AWS environments.
- Manage AWS Identity and Access Management (IAM), Organizations, and Control Tower to enforce least privilege and role‑based access controls.
- Deploy and manage AWS‑native security services such as Security Hub, GuardDuty, Macie, Inspector, WAF, and Shield.
- Configure and maintain encryption solutions (AWS KMS, CloudHSM, ACM, Secrets Manager).
- Integrate AWS logging and monitoring (CloudTrail, CloudWatch, Config) with SIEM platforms for threat detection.
- Secure networks via AWS VPCs, Security Groups, ACLs, and PrivateLink.
- Work with DevOps to embed security in CI/CD pipelines using AWS‑native and third‑party tools.
- Automate security with Terraform, CloudFormation, and scripting (Python, Bash, PowerShell).
- Apply container and Kubernetes security practices for AWS EKS, ECS, and Fargate environments.
- Conduct vulnerability assessments, penetration testing, and remediation in AWS environments.
- Drive compliance with CIS AWS Benchmarks, NIST, ISO 27001, SOC2, PCI‑DSS, and HIPAA frameworks.
- Develop and test incident response and disaster recovery plans for cloud systems.
- Train internal teams on cloud security risks, controls, and emerging best practices.

What You’ll Bring to the Table

- 10+ years of IT/security experience with 4+ years focused on AWS cloud security.
- Strong knowledge of AWS‑native security tools (GuardDuty, Security Hub, Macie, Inspector, WAF, Shield, CloudTrail, CloudWatch).
- Proficiency in encryption and key management using AWS KMS, CloudHSM, and ACM.
- Experience with Infrastructure‑as‑Code and automation (Terraform, CloudFormation, Python, Bash, PowerShell).
- Skilled in container and serverless security (EKS, ECS, Fargate, Lambda).
- Knowledge of Zero Trust, identity federation, and RBAC in AWS environments.
- Experience with vulnerability scanning, penetration testing, and audit readiness in cloud environments.
- Familiarity with SIEM and SOAR tools, incident response, and forensic analysis in AWS.
- Experience with multi‑cloud environments (Azure, GCP) is a plus.
- AWS Security Specialty or equivalent certifications preferred (CISSP, Solutions Architect, DevOps Engineer).

Skills That Set You Apart

- Strong problem‑solving mindset with the ability to act proactively in fast‑paced environments.
- Excellent communicator, able to explain security concepts to technical and business stakeholders.
- Team‑oriented collaborator who integrates security seamlessly into DevOps and engineering workflows.
- Dedicated to continuous learning, with a passion for emerging security technologies and threats.
- Ethical and business‑minded, balancing security best practices with operational needs.

Education & Experience

- Bachelor’s degree in Computer Science, Cybersecurity, or a related field preferred.
- Professional certifications such as CISSP, AWS Security Specialty, or equivalent strongly preferred.
- Proven track record of leading cloud security initiatives in regulated industries.

Diversity, Equity & Inclusion

Momentum Financial Services Group welcomes applicants from all backgrounds, genders, and experiences. We are committed to maintaining an inclusive environment and ensuring equitable hiring practices.
MOMENTUM FINANCIAL SERVICES GROUP
Toronto, Toronto
Published 20 days ago