About The Position
Reporting to the VP, Information Technology and Security, the Sr. AWS Cloud Governance & Compliance Engineer is responsible for overseeing the governance and cost-management program for multiple AWS accounts and all SaaS tools used by Production Engineering to support Cofense PhishMe, Triage, and other SaaS offerings and customer-facing services.
Requirements
- Deep knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS, S3, etc.) especially for analyzing infrastructure data for SaaS based offerings.
- Ability to work cross-functionally across infrastructure, finance, IT, and engineering teams to manage and reduce IaaS, SaaS, and PaaS spending over time and to adapt to the needs of the business.
- US Citizenship – related to FedRamp
- Minimum of 6 to 8 years IT Infrastructure experience with a strong background in information security, compliance, or incident response in large enterprise environments.
- Minimum of 4- 6 years AWS experience.
- Experience building, using, and optimizing, SaaS-based cloud spending tools to track Cloud resource utilization.
- Experience using system and infrastructure monitoring tools such as Graphite, Grafana, and/or DataDog to measure and monitor system and application utilization.
- Strong track record of reducing and optimizing AWS spending in large AWS Environments with dozens (or more) accounts and 1000s to 10,000s of compute and data resources.
- Previous resource or project management experience in mid to large-Enterprises working across multiple departments drive to effectively drive process improvements.
- Past experience working as part of distributed, remote-first engineering team.
Nice To Haves
- Bachelor’s Degree and/or industry-recognized security certifications preferred.
Responsibilities
- Design, develop, and operate tools and processes that monitor and measure infrastructure spending for Cofense, Phishme, Triage, and other SaaS and other service offerings.
- Collaboratively engage across and with multiple production engineering and development teams to develop, implement, enforce, and socialize cloud security and governance guidelines that conform to AWS and industry best practices.
- Design, implement, and maintain secure AWS architectures following AWS Well-Architected Framework security principles.
- Implement and manage AWS security services, including: AWS IAM AWS Security Hub AWS GuardDuty AWS Config AWS CloudTrail AWS WAF AWS KMS
- Ensure secure configuration of VPCs, security groups, network ACLs, and private networking.
- Implement least privilege access models using IAM policies and roles.
- Other duties as assigned.
- Ensure AWS environments meet internal security standards and external regulatory requirements.
- Support compliance with frameworks such as: ISO 27001 SOC 2 FedRAMP CIS AWS Benchmarks NIST
- Maintain and monitor AWS Config rules and compliance dashboards.
- Assist with security audits, risk assessments, and remediation plans.
- Monitor cloud environments for security threats and vulnerabilities (CVE’s using AWS Tooling).
- Investigate alerts generated by security tooling.
- Support incident response and forensic analysis for cloud security events.
- Maintain logging and monitoring using tools such as: CloudWatch CloudTrail Security Hub
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
101-250 employees
