Cloud Security Engineer

About The Position

Requirements

• 5+ years of experience in information security, cloud security, or security engineering roles
• 3+ years of hands-on experience with AWS security services and architecture (IAM, VPC security, CloudTrail, GuardDuty, etc.)
• Strong understanding of cloud-native security principles including least privilege, defense in depth, zero trust, and shared responsibility models
• Hands-on experience with Datadog Security or similar cloud-native SIEM/observability platforms (Cloud SIEM, security signal management, log pipeline configuration, custom detection rules)
• Proficiency with Infrastructure-as-Code (Terraform, CloudFormation, or CDK) and policy-as-code frameworks
• Working knowledge of container and serverless security
• Solid scripting/automation skills in Python, Bash, or similar languages
• Familiarity with common security frameworks and standards (NIST CSF, CIS Benchmarks, SOC 2, ISO 27001)

Responsibilities

• Design, implement, and maintain security controls across our AWS environment
• Manage and tune AWS-native security tooling (GuardDuty, Security Hub, CloudTrail, Inspector, etc)
• Develop and enforce infrastructure-as-code (IaC) security policies using tools such as Terraform
• Conduct periodic reviews of AWS account architecture, SCPs, and organizational unit (OU) structures to ensure least-privilege and segmentation best practices
• Collaborate with Platform Engineering teams to shift left our security posture by embedding security into CI/CD pipelines
• Monitor, investigate, and respond to cloud security alerts and incidents within AWS environments
• Build and maintain cloud-focused detection rules, alerts, and dashboards within Datadog Security (Cloud SIEM, Cloud Security Management, Application Security)
• Develop and operationalize Datadog detection rules, log pipelines, and security signals in collaboration with the SOC team to provide real-time visibility across AWS infrastructure, application logs, and cloud workloads
• Correlate findings from Datadog Security with alerts from Obsidian Security and AWS-native tooling to provide a unified view of risk across cloud and SaaS environments
• Develop automated response playbooks for common cloud and SaaS security events
• Participate in incident response activities, including investigation, containment, and post-incident review for cloud and SaaS-related security events
• Conduct threat modeling exercises for cloud architectures and SaaS integrations
• Support compliance initiatives (e.g., SOC 2, or other frameworks as applicable) by implementing and evidencing technical controls in AWS and SaaS environments
• Maintain security documentation including architecture diagrams, runbooks, and policy documents
• Contribute to internal security audits and third-party assessment processes
• Track and remediate findings from vulnerability scans, penetration tests, and cloud security assessments

Benefits

• flexible work hours
• flexible vacation
• generous 401K match
• parental leave
• team events
• wellness budget
• learning reimbursement