Back to search
GFT Technologies Linkedin · Posted 4d ago

Application & Cloud Security (AWS)

Colombia

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

💙 We’re Looking for an Application & Cloud Security (AWS)🌎


We are seeking an experienced Application & Cloud Security (AWS) to lead the design, implementation, and governance of security solutions for enterprise applications hosted on Amazon Web Services (AWS). This role is responsible for defining cloud security standards, securing internet-facing applications, embedding security throughout the Software Development Life Cycle (SDLC), and driving the adoption of DevSecOps practices across engineering teams.

The ideal candidate combines deep expertise in Application Security, AWS Cloud Security, and Secure Software Development, working closely with Development, DevOps, Infrastructure, and Architecture teams to build secure, scalable, and resilient cloud-native solutions.


Key Responsibilities

  • Define and own the security architecture for AWS-hosted public applications, establishing standards for identity, edge security, segmentation, observability, and application resilience.
  • Develop and enforce cloud security strategies that balance security, scalability, developer productivity, and operational efficiency.
  • Collaborate with Cloud, Infrastructure, DevOps, and Engineering teams to identify and remediate cloud misconfigurations and application security risks.
  • Design and implement security solutions using AWS Web Application Firewall (WAF), Cloud Native Application Protection Platforms (CNAPP), and Cloud Security Posture Management (CSPM) tools.
  • Establish secure software development standards and best practices following Secure SDLC principles.
  • Act as the Subject Matter Expert (SME) for Application Security across enterprise projects.
  • Integrate security controls, automation, and governance into CI/CD pipelines following DevSecOps best practices.
  • Identify, prioritize, and mitigate application security vulnerabilities through secure code reviews, penetration testing, and vulnerability management.
  • Define authentication, authorization, and access control standards using RBAC and ABAC models.
  • Monitor emerging threats, vulnerabilities, and cybersecurity trends to continuously improve the organization's security posture.
  • Participate in architecture reviews, cloud modernization initiatives, and enterprise security programs.
  • Develop and maintain technical documentation, security standards, operational procedures, and architectural guidelines.


Required Skills & Qualifications

Experience

  • 5+ years of experience in Cybersecurity, Application Security, or Cloud Security.
  • Proven experience designing secure architectures for applications hosted on AWS.
  • Hands-on experience implementing Secure SDLC and DevSecOps practices.
  • Experience performing Secure Code Reviews, Penetration Testing, SAST, DAST, and vulnerability management.
  • Experience securing internal and external REST APIs.
  • Hands-on experience implementing Web Application Firewalls (WAF).
  • Experience working with CNAPP and CSPM security platforms.
  • Experience collaborating with Software Engineering, DevOps, Cloud Infrastructure, and Architecture teams.


Technical Skills

Cloud Security

  • Amazon Web Services (AWS)
  • AWS IAM
  • CloudTrail
  • GuardDuty
  • Security Hub
  • AWS KMS
  • Secrets Manager
  • API Gateway
  • CloudFront
  • AWS WAF


Application Security

  • OWASP Top 10
  • Secure SDLC
  • Threat Modeling
  • Secure Coding Practices
  • Vulnerability Management
  • Penetration Testing
  • SAST
  • DAST
  • Secure Code Review


DevSecOps

  • Security integration within CI/CD pipelines
  • Jenkins
  • GitHub Actions
  • Azure DevOps
  • Security Automation

API Security

  • REST APIs
  • OAuth2
  • JWT
  • API Security Best Practices

Cloud Security Platforms

  • CNAPP
  • CSPM
  • Prisma Cloud
  • Wiz
  • Lacework
  • Microsoft Defender for Cloud

Software Development

Working knowledge of at least one of the following programming languages:

  • Java
  • Python
  • C#

Security Frameworks & Standards

  • NIST
  • ISO 27001
  • CIS Controls
  • SOC 2
  • GDPR

Language

  • Professional English proficiency (B2/C1 or higher).


💙 What We Offer 💙

Remote

Prepaid Medical Insurance – Supporting your health and well-being.

Rewards Program – Redeem points for technology, restaurants, and much more.

Learning Academy – Continuous learning and professional development opportunities.

Long-term engagement opportunity with stability and participation in high-impact international projects.


In compliance with our personal data protection policies, the information you provide will be processed in accordance with the Privacy Notice available on our website under the section: Privacy Notice for the Processing of Personal Data – Candidate.


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent