AWS/Cloud Security Manager

About The Position

Requirements

• 6+ years of experience in cloud security or cybersecurity
• Proven experience managing or leading security engineering teams
• Strong understanding of AWS security controls—identity, logging, encryption
• Expert knowledge of AWS IAM, KMS, encryption, CloudTrail, CloudWatch, and AWS security services
• Advanced hands-on Terraform experience, including writing and reviewing modules
• Experience building and maintaining AWS Lambda functions
• Ability to interpret access logs, configurations, and IAM policies
• Experience securing large, multi-account AWS environments
• Must be a U.S. Citizen
• Must be able to obtain and maintain the required Agency clearance

Nice To Haves

• AWS certifications (Cloud Practitioner, Security Specialty, etc.)
• Security compliance or audit certifications
• Experience with container security (EKS/ECS)
• Scripting experience in Python or Bash for automation

Responsibilities

• Lead, mentor, and develop a team of security engineers focused on AWS hardening, Terraform automation, CI/CD security, monitoring, and incident response
• Establish enterprise-wide AWS security standards, policies, and best practices
• Oversee the overall IAM strategy, including roles, policies, identity federation, and least-privilege enforcement
• Guide engineers on AWS Lambda development, serverless architecture, secure coding, and scalable deployments
• Manage deployment and configuration of AWS native security tools including Security Hub, GuardDuty, Config/Config Rules, KMS, and VPC security controls
• Collaborate with DevOps teams to embed security into CI/CD pipelines and Infrastructure as Code workflows
• Enforce security controls for logging, encryption, segmentation, patching, and vulnerability management
• Drive automation for drift detection, patching, remediation, and compliance reporting
• Oversee detection and response activities for AWS security events
• Lead threat investigations, RCA processes, and remediation plans
• Maintain and improve security runbooks, tabletop exercises, and escalation procedures
• Continuously evaluate AWS environments to identify cost-effective security enhancements
• Manage AWS risk register, security assessments, internal controls, and compliance workflows
• Ensure readiness for audits including SA&A, NIST, FISMA, and FedRAMP
• Coordinate evidence gathering, control testing, gap remediation, and auditor engagement
• Conduct configuration reviews, vulnerability scans, and compliance checks
• Review and approve new AWS architectures from a security perspective
• Partner with engineering and development teams to train and promote secure cloud practices
• Report security risks, KPIs, and metrics to senior leadership
• Participate in on-call rotations to support 24/7 production systems and incident response