PRINCIPAL AWS CLOUD SECURITY AND COMPLIANCE ENGINEER -  

Região Outra Nível Profissional.
Sênior Nível Acadêmico.
Ensino Superior Completo Áreas de Atuação Profissional.
TI - Projetos Descrição.
Período.
6 meses.
100% Remoto.
CV's em inglês Habilidades.
About the Role We are seeking a Principal AWS Cloud Security and Compliance Engineer with extensive hands-on experience in securing cloud environments at scale.
This role is ideal for a seasoned security expert who thrives on designing, implementing, and managing cloud security controls, ensuring compliance with industry standards, and mitigating security risks across AWS infrastructure.
The ideal candidate will bring a deep understanding of AWS security services, regulatory compliance frameworks, and cloud-native security best practices.
Key Responsibilities ● Security Architecture & Design.
Lead the design and implementation of secure AWS architectures, ensuring compliance with security frameworks and industry best practices.
● Governance & Compliance.
Develop, enforce, and monitor compliance with SOC 2, ISO , NIST, CIS, FedRAMP, PCI-DSS, HIPAA, and other security standards.
● Cloud Security Operations.
Implement and manage AWS security services such as AWS IAM, AWS KMS, AWS GuardDuty, AWS Security Hub, AWS Macie, AWS Config, AWS WAF, and AWS Shield.
● Threat Detection & Incident Response.
Develop SIEM integrations, monitor security logs, investigate incidents, and lead incident response efforts to mitigate threats.
● Automation & Infrastructure Security.
Implement Infrastructure as Code (IaC) security policies using Terraform, AWS CloudFormation, or AWS CDK.
Automate security monitoring and compliance reporting.
● Identity & Access Management (IAM).
Define and enforce least privilege access controls, manage AWS Organizations and Service Control Policies (SCPs).
● DevSecOps & CI/CD Security.
Embed security into the CI/CD pipeline, ensuring secure deployment practices across cloud workloads.
● Security Risk Assessments.
Perform cloud security risk assessments, threat modeling, and penetration testing to identify and mitigate vulnerabilities.
● Security Awareness & Training.
Mentor engineering teams on secure coding, cloud security best practices, and AWS security controls.
● Stakeholder Collaboration.
Work with engineering, compliance, and business teams to align security strategies with organizational goals.
Requisitos.
Required Qualifications ● years of hands-on experience in cybersecurity, cloud security, and compliance, with at least 5 years in AWS security.
● Expert-level knowledge of AWS security services, architecture, and best practices.
● Deep understanding of compliance frameworks (e.
., SOC 2, ISO , NIST, FedRAMP, PCI-DSS, HIPAA).
● Experience with AWS IAM, VPC security, AWS WAF, KMS, CloudTrail, Config, Security Hub, Macie, and GuardDuty.
● Proficiency in SIEM solutions, security automation, and cloud-native security tools.
● Hands-on experience with IaC security (Terraform, CloudFormation), container security (EKS, ECS), and serverless security.
● Strong background in DevSecOps, securing CI/CD pipelines, and integrating security into cloud-native development.
● Expertise in identity & access management (IAM), RBAC, MFA, and Zero Trust security models.
● Experience with incident response, threat detection, and forensic analysis in AWS.
● Proficient in scripting and automation (Python, Bash, or PowerShell).
● Strong communication skills with the ability to influence technical and non-technical stakeholders.
Preferred Qualifications ● AWS Certified Security – Specialty or AWS Certified Solutions Architect – Professional certification.
● Experience in multi-cloud security (AWS, Azure, GCP) is a plus.
● Familiarity with security risk management frameworks (e.
., MITRE ATT&CK, OWASP, CIS Benchmarks).
● Knowledge of AI/ML security, API security, and data protection strategies