Cloud Security Engineer

Summary

Join Encoura as a Cloud SecOps Engineer and play a key role in ensuring the security of our AWS-based systems and data. You will be responsible for governance, risk, and compliance, supporting SOC2 and TX-RAMP compliance programs. Partner with development teams to secure the delivery of AWS-based platforms and products, aligning account permissions with business needs. Conduct system security audits and ensure compliance with relevant benchmarks. A day-in-the-life includes risk and compliance tracking, vulnerability management, recommending AWS security services, working with a managed security service provider, developing security reports and dashboards, and providing operational support. You will also participate in an on-call rotation for security-related issues. This role offers opportunities for professional growth and development within a mission-driven culture.

Requirements

• Experience securely delivering in a complex AWS-based micro-services application environment
• Strong understanding of the AWS-based security tooling and services
• Strong understanding of AWS-based IAM roles and accounts
• Strong understanding of AWS CloudWatch/Athena
• Proficiency and understanding of the AWS console and CLI
• 3+ Years experience securing a similarly complex AWS-based environment
• 5+ Years of IT experience designing and implementing security solutions
• Strong scripting and automation skills – you believe you can automate everything
• Hands-on experience with troubleshooting, securing, and improving AWS environments
• As related to related to security, familiar with the concepts of microservice architecture and how those concepts are implemented in AWS
• Experience installing, configuring, and managing and patching cloud-based and on-prem systems
• A solid security foundation – you’re always thinking, “what happens if this system is compromised?”
• Experience working with application development teams who work in Agile/Scrum/Kanban
• Able to balance security requirements with budgetary requirements
• BS in Computer Science, Software Engineering or equivalent, or a Bachelor’s in an unrelated field with at least 5 years of professional technology-based experience

Responsibilities

• Risk & compliance tracking against government standards (e.g. CCPA, NIST, SOCII)
• Tracking and remediation management of vulnerability issues and system patches
• Review and recommend additional or changes to existing AWS security-minded services
• Work with managed security service provider to triage and respond to potential security events
• Grow, as needed, the data fed to SIEM to provide visibility into potential security events
• Develop security-minded reports and dashboards for the Exec team, and for techies
• Develop and deploy security system alerting and monitoring strategy
• Systems access level inventory and auditing
• Provide as-needed security-minded operational support of our applications and platforms
• Partner with development teams on security architecture decisions
• Implement tagging and reporting strategy to measure security event risk/impact
• Gain functional knowledge of all Encoura applications
• Serve in an on-call rotation for security, or potential security-related issues

Preferred Qualifications

• Experience working with SaaS-based solutions that integrate with AWS is a plus
• Experience with Linux and Windows administration
• Information Security experience preferred
• AWS Security – Specialty certification (strongly preferred)
• Additional AWS certifications are a plus, as are other relevant certifications
• A detail-oriented, data-driven decision-maker with a strong appreciation for simplicity in system architecture
• A collaborative team player, comfortable mentoring others and cross-functionally communicating

Benefits

• Comprehensive health and benefits package
• 401k company match that vests immediately upon participation
• Paid holidays and a generous PTO policy
• Paid parental leave