Senior AWS DevOps Security Engineer

About The Position

Requirements

• 7+ years of experience in cloud engineering or DevOps, with hands -on AWS experience.
• Strong understanding of AWS Organizations, SCPs, IAM, AWS Config, and Security Hub.
• Proven experience writing IQ scripts (Python, Bash, or other scripting languages).
• Familiarity with Infrastructure as Code tools (Terraform, CloudFormation, CDK).
• Experience integrating changes into CI/CD pipelines and automation frameworks.
• Strong problem -solving and communication skills.
• Ability to work independently and collaboratively in distributed teams.
• AWS Services, Kubernetes, networking, IAM, security policies, and AWS cost optimization
• Azure DevOps, Jenkins, ArgoCD, Helm charts

Responsibilities

• Implement and configure AWS Service Control Policies (SCPs) and AWS Config rules aligned with security best practices.
• Create and execute IQ scripts to verify and validate security configurations.
• Contribute to and enhance the existing Landing Zone automation scripts (Infrastructure as Code).
• Collaborate closely with the AWS ProServe team and Alcon IT stakeholders to align implementation with broader governance and security goals.
• Support change control, documentation, and implementation of AWS security configurations in a compliant and traceable way.
• Troubleshoot, analyze, and resolve security and configuration issues in the AWS environment.
• Contribute to internal best practices and documentation for ongoing operations.