Overview

We are looking for a Lead Security Engineer — AWS Cloud to guide cloud security initiatives and collaborate closely with leadership teams.

This role is fully hands-on, requiring you to monitor, assess, and address security vulnerabilities while refining processes and improving security pipelines. Join us to lead impactful projects and ensure top-tier AWS security standards.

Responsibilities

  • Analyze and respond to AWS Cloud security alerts identified by CrowdStrike SOC
  • Coordinate with cross-functional teams to correct security flaws and misconfigurations
  • Resolve emerging security challenges promptly
  • Compile weekly and monthly security metrics for leadership review
  • Manage and enhance AWS Cloud Security procedures including integrations, playbooks, custom alerts and associated documentation
  • Prepare and provide evidence and records for annual audits
  • Assess and prioritize application security weaknesses
  • Evaluate and address Kubernetes security threats

Requirements

  • 5+ years of experience in cloud security or equivalent fields
  • 1+ years of relevant leadership experience
  • In-depth knowledge of AWS Cloud Security, including networking and core services
  • Expert-level comprehension of AWS architecture and tools like IAM, VPC, Security Group, EC2, Lambda, ECR, ECS, S3, CloudTrail, ACM, DynamoDB, Redshift and KMS
  • Hands-on expertise in designing and maintaining CI/CD pipelines for security scans
  • Proficiency with Terraform and GitHub for managing infrastructure
  • Strong grasp of Kubernetes architecture, security measures, and Terraform-based deployment
  • Knowledge of CrowdStrike products, Security Operation Center functions, and Snyk
  • Familiarity with Codefresh, Argo CD, and PerimeterX
  • Understanding of SUMO Logic and Okta Workforce Identity solutions
  • Ability to detect security coverage gaps and develop remediation strategies
  • Experience in investigating security incidents and creating comprehensive reports
  • Proven capability to collaborate directly with clients and senior leadership independently
  • Excellent verbal and written communication abilities
  • English proficiency at B2 level or higher for interacting with US-based client teams

Nice to have

  • Experience in application security
  • Understanding of DNS configurations
  • Proficiency in Python scripting
  • Knowledge of Azure and GCP cloud security practices for alerting and remediation
  • Background in Red Team security testing

[GTS] Benefits (generic, except India)

  • International projects with top brands
  • Work with global teams of highly skilled, diverse peers
  • Healthcare benefits
  • Employee financial programs
  • Paid time off and sick leave
  • Upskilling, reskilling and certification courses
  • Unlimited access to the LinkedIn Learning library and 22,000+ courses
  • Global career opportunities
  • Volunteer and community involvement opportunities
  • EPAM Employee Groups
  • Award-winning culture recognized by Glassdoor, Newsweek and LinkedIn