AWS Cloud security

Experience : 5+ Years

Title : Cloud Security

Location : Hyderabad

Notice Period : Immediate to 1 week

About the Role :

We are seeking a highly skilled

AWS Cloud Security Engineer

to join our dynamic team and play a pivotal role in securing our cloud infrastructure across multiple environments. The ideal candidate will have deep expertise in AWS security services, cloud-native security best practices, infrastructure as code (IaC), and proactive threat mitigation. You will work closely with DevOps, development, and security teams to implement secure, scalable, and compliant cloud solutions.

Key Responsibilities :

Design, implement, and maintain

IAM policies

, roles, and identity federation strategies to enforce least-privilege access across AWS accounts and services.

Secure

Amazon S3

buckets with proper access controls, encryption (SSE-S3, SSE-KMS), bucket policies, and lifecycle management; monitor for misconfigurations using tools like AWS Config and S3 Block Public Access.

Develop and enforce

cloud security policies

aligned with industry standards (e.g., CIS AWS Foundations Benchmark, NIST, ISO 27001) and organizational compliance requirements.

Implement and manage

security groups, network ACLs, and VPC flow logs

to control traffic and detect anomalies in AWS environments.

Automate infrastructure provisioning and security configurations using

Terraform

and

AWS CloudFormation

, ensuring infrastructure is secure-by-design.

Secure secrets and sensitive data using

AWS Secrets Manager

AWS Systems Manager Parameter Store

, and

KMS

; eliminate hardcoded credentials in code and configurations.

Perform

cloud penetration testing

and vulnerability assessments across AWS environments; collaborate with red teams and security auditors to remediate findings.

Utilize

AWS CLI

and

AWS SDKs

for automation, auditing, and real-time monitoring of security posture.

Configure and manage

AWS WAF (Web Application Firewall)

to protect web applications from OWASP Top 10 threats such as SQL injection, XSS, DDoS, and bot attacks.

Support

Kubernetes (EKS)

security by implementing Pod Security Policies (PSPs), Network Policies, RBAC, and secure container image scanning.

Monitor and respond to security alerts via AWS CloudTrail, AWS GuardDuty, Amazon Inspector, and third-party SIEMs.

Collaborate with DevOps and development teams to embed security into CI / CD pipelines (DevSecOps), including pre-deployment security scanning.

Required Skills & Qualifications :

Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).

5+ years of hands-on experience

in cloud security, with

strong focus on AWS

In-depth knowledge of

IAM, S3, Security Groups, VPC, KMS, Secrets Manager, CloudTrail, GuardDuty, WAF, and Lambda

Proven experience with

Terraform

and infrastructure-as-code (IaC) security practices.

Experience with

Kubernetes (EKS)

and container security best practices.

Demonstrated experience in

cloud penetration testing

, vulnerability assessment, and remediation.

Strong command of

AWS CLI

, scripting (Python, Bash), and automation.

Familiarity with

CI / CD pipelines

and integrating security checks (e.g., SonarQube, Snyk, Checkmarx).

Knowledge of compliance frameworks :

GDPR, ISO 27001, ISO 27701, SOC 2, HIPAA

(preferred).

Experience working in

Agile / Scrum environments

with cross-functional teams.