Senior Security Engineer
PhiloFull Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Candidates should have a minimum of 3 years of hands-on experience in AWS cloud security or policy enforcement, with strong working knowledge of AWS security services like IAM, SCPs, AWS Config, Security Hub, CloudTrail, GuardDuty, and KMS. Experience with cloud compliance standards such as CIS AWS Foundations Benchmark, NIST, ISO 27001, or HIPAA is required, along with proficiency in writing and troubleshooting IAM policies, JSON/YAML templates, Lambda functions, and scripting languages like Python or Bash. Familiarity with DevSecOps practices and Infrastructure as Code tools such as Terraform or CloudFormation is also necessary.
The Cloud Security Engineering Analyst will lead the design, testing, deployment, and compliance validation of AWS security policies and controls, integrating cloud-native and custom guardrails. Responsibilities include performing risk assessments, managing policy exceptions, and collaborating with cross-functional teams to enforce security-by-default principles. This role involves designing, developing, and deploying custom and AWS-native security policies, performing pre-deployment compliance assessments, and remediating misconfigurations. The analyst will validate and monitor policy effectiveness, own and manage the AWS policy exemption workflow, maintain detailed documentation, participate in tool evaluations, and support continuous improvement of cloud security posture.
Unified defensive and offensive cybersecurity solutions
UltraViolet Cyber focuses on enhancing cybersecurity for organizations by integrating both defensive and offensive security operations. Their main services include Managed Detection and Response (MDR), which provides continuous monitoring and response to cyber threats, and Penetration Testing as a Service, where they simulate cyber attacks to find and fix vulnerabilities. This company stands out from competitors by combining the expertise of Red Team (offensive) and Blue Team (defensive) professionals, ensuring that security measures are both proactive and reactive. The goal of UltraViolet Cyber is to help organizations improve their resilience against cyber threats and protect their sensitive data and infrastructure effectively.