[Remote] Cloud Security Engineer
Note: The job is a remote job and is open to candidates in USA. Gravity IT Resources is seeking a Cloud Security Engineer to help design, build, and continuously improve secure AWS cloud environments while addressing modern risks across workforce security, DevSecOps, and AI/GenAI use cases. This role involves close collaboration with engineering, product, enterprise systems, and data science teams to embed security into system development and operations.
Responsibilities
- Design and implement secure cloud architectures in AWS
- Build and maintain security guardrails and standards (IAM, network segmentation, encryption, etc.)
- Apply Zero Trust principles across cloud systems and user endpoints
- Secure containerized and serverless workloads (ECS, Kubernetes, Docker, Lambda, etc.)
- Review existing cloud implementations, identify gaps, and drive remediation priorities
- Define and enforce endpoint and access controls
- Improve identity lifecycle processes and privileged access management (PAM)
- Partner with engineering teams to implement a secure VDI environment to support PHI access
- Define security controls for AI/ML and GenAI applications
- Work with Data Science to reduce risks like model poisoning, prompt injection, data leakage, and adversarial attacks
- Secure agentic AI systems (autonomous workflows / decision-making agents)
- Help embed security into the model development lifecycle (MLSecOps)
- Partner with GRC to support compliance with healthcare frameworks and regulations (HIPAA, HITRUST, SOC 2, etc.)
- Perform risk assessments and threat modeling for cloud and AI systems
- Support audits by ensuring controls and documentation are in place
- Implement and tune cloud-native monitoring/detection (SIEM, CSPM, CWPP)
- Build automated response/remediation workflows
- Support incident response for cloud security events
- Integrate security into CI/CD pipelines and infrastructure-as-code (Terraform, CloudFormation)
- Automate scanning and enforcement using tools and modern practices (SAST, DAST, SCA), including AI-assisted coding tools
- Partner with engineering to 'shift security left.'
- Mentor teammates and promote best practices across teams
- Stay current on emerging cloud and AI security threats
Skills
- 5+ years in cloud security or cybersecurity engineering
- Strong AWS security fundamentals (IAM, networking, encryption, logging/monitoring)
- Experience securing containers (Kubernetes and/or Docker)
- Experience working in regulated environments (HIPAA, HITRUST, SOC 2)
- Experience implementing automation to improve security outcomes
- Experience with Zero Trust architecture concepts and implementation
- Scripting/programming ability (e.g., Python; familiarity with Java/Node.js/C# is a plus)
- Ability to influence and lead cross-functional work without direct authority
- CISSP, CCSP, and/or AWS Security certifications
- Master's degree in a relevant field
Company Overview
Company H1B Sponsorship