Application & Cloud Security (AWS)
Indexed description
💙 We’re Looking for an Application & Cloud Security (AWS)🌎
We are seeking an experienced Application & Cloud Security (AWS) to lead the design, implementation, and governance of security solutions for enterprise applications hosted on Amazon Web Services (AWS). This role is responsible for defining cloud security standards, securing internet-facing applications, embedding security throughout the Software Development Life Cycle (SDLC), and driving the adoption of DevSecOps practices across engineering teams.
The ideal candidate combines deep expertise in Application Security, AWS Cloud Security, and Secure Software Development, working closely with Development, DevOps, Infrastructure, and Architecture teams to build secure, scalable, and resilient cloud-native solutions.
Key Responsibilities
- Define and own the security architecture for AWS-hosted public applications, establishing standards for identity, edge security, segmentation, observability, and application resilience.
- Develop and enforce cloud security strategies that balance security, scalability, developer productivity, and operational efficiency.
- Collaborate with Cloud, Infrastructure, DevOps, and Engineering teams to identify and remediate cloud misconfigurations and application security risks.
- Design and implement security solutions using AWS Web Application Firewall (WAF), Cloud Native Application Protection Platforms (CNAPP), and Cloud Security Posture Management (CSPM) tools.
- Establish secure software development standards and best practices following Secure SDLC principles.
- Act as the Subject Matter Expert (SME) for Application Security across enterprise projects.
- Integrate security controls, automation, and governance into CI/CD pipelines following DevSecOps best practices.
- Identify, prioritize, and mitigate application security vulnerabilities through secure code reviews, penetration testing, and vulnerability management.
- Define authentication, authorization, and access control standards using RBAC and ABAC models.
- Monitor emerging threats, vulnerabilities, and cybersecurity trends to continuously improve the organization's security posture.
- Participate in architecture reviews, cloud modernization initiatives, and enterprise security programs.
- Develop and maintain technical documentation, security standards, operational procedures, and architectural guidelines.
Required Skills & Qualifications
Experience
- 5+ years of experience in Cybersecurity, Application Security, or Cloud Security.
- Proven experience designing secure architectures for applications hosted on AWS.
- Hands-on experience implementing Secure SDLC and DevSecOps practices.
- Experience performing Secure Code Reviews, Penetration Testing, SAST, DAST, and vulnerability management.
- Experience securing internal and external REST APIs.
- Hands-on experience implementing Web Application Firewalls (WAF).
- Experience working with CNAPP and CSPM security platforms.
- Experience collaborating with Software Engineering, DevOps, Cloud Infrastructure, and Architecture teams.
Technical Skills
Cloud Security
- Amazon Web Services (AWS)
- AWS IAM
- CloudTrail
- GuardDuty
- Security Hub
- AWS KMS
- Secrets Manager
- API Gateway
- CloudFront
- AWS WAF
Application Security
- OWASP Top 10
- Secure SDLC
- Threat Modeling
- Secure Coding Practices
- Vulnerability Management
- Penetration Testing
- SAST
- DAST
- Secure Code Review
DevSecOps
- Security integration within CI/CD pipelines
- Jenkins
- GitHub Actions
- Azure DevOps
- Security Automation
API Security
- REST APIs
- OAuth2
- JWT
- API Security Best Practices
Cloud Security Platforms
- CNAPP
- CSPM
- Prisma Cloud
- Wiz
- Lacework
- Microsoft Defender for Cloud
Software Development
Working knowledge of at least one of the following programming languages:
- Java
- Python
- C#
Security Frameworks & Standards
- NIST
- ISO 27001
- CIS Controls
- SOC 2
- GDPR
Language
- Professional English proficiency (B2/C1 or higher).
💙 What We Offer 💙
Remote
Prepaid Medical Insurance – Supporting your health and well-being.
Rewards Program – Redeem points for technology, restaurants, and much more.
Learning Academy – Continuous learning and professional development opportunities.
Long-term engagement opportunity with stability and participation in high-impact international projects.
In compliance with our personal data protection policies, the information you provide will be processed in accordance with the Privacy Notice available on our website under the section: Privacy Notice for the Processing of Personal Data – Candidate.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search