Job Details

***We are unable to work with 3rd-party or corp-to-corp candidates for this position***
Overview:

Our client will be hiring a SecOps Engineer to build and manage the security posture and infrastructure that powers their SaaS platform. This is a high-ownership role ideal for a hands-on engineer with deep AWS security knowledge, strong automation skills, and a security-first mindset. You'll lead security initiatives, automate secure deployments, improve system observability, and guide teams toward robust, secure, and scalable solutions. You will also bring expertise in security automation, CI/CD pipeline security, secure networking, and incident response. This role is ideal for someone who thrives in a high-ownership environment and enjoys cross-functional collaboration to solve complex security and infrastructure challenges.

This role will report to the IT Security & Infrastructure Manager. This role has no direct reports.

100% REMOTE expectation, anywhere in the US.

Responsibilities:

• Design and maintain a highly secure and scalable AWS-based infrastructure using security services like AWS WAF, IAM, and Inspector alongside services such as EC2, ECS, S3, and VPC.
• Automate security provisioning, secure CI/CD pipelines, and system observability.
• Proactively manage and improve security Key Lifecycle Objectives (KLOs) such as vulnerability scanning and certificate management.
• Implement security best practices, including threat modeling and incident response.
• Own and deliver mid-sized security projects (e.g., IAM role refactoring, multi-region security rollout, new environment security hardening).
• Document security standards, decisions, and automation workflows in a clear, shareable format.
• Participate in incident response, root cause analysis, and on-call rotation.

Qualifications:

• 3 years in SecOps and/or security engineering roles with heavy AWS usage.
• Experience with AWS security services: IAM, WAF, Config, Inspector, Security Hub, and KMS, as well as general services like EC2, ECS/Fargate, DynamoDB, and VPC.
• Strong Infrastructure as Code skills, with a focus on security policies and controls.
• Experience in CI/CD pipeline security, including static and dynamic analysis tools.
• Strong scripting (Bash, Python) and automation fluency.
• Experience with compliance efforts (SOC 2, PCI) via logging, identity boundaries, and change management.

BONUS EXPERIENCE (it'll be great if you had)

• Proficient in security monitoring and observability best practices (alerting, metrics, distributed tracing).
• Solid understanding of cloud networking, IAM policies, encryption (KMS), and secrets management.
• Familiar with incident response workflows, root cause analysis, and operational runbooks.
• Experience with log analysis and observability platforms (e.g., Datadog, SumoLogic, CloudWatch).
• Serverless security using Lambda, SQS, and SNS.
• SQL Server Always On Availability Group configuration and management.
• Certified Cloud Security Professional (CCSP)
• AWS Certified Security - Specialty
• AWS Certified DevOps Engineer - Professional
• AWS Certified Solutions Architect - Associate or Professional

Our TalentAffirm process: All applicants are personally reviewed by a recruiter. Candidates who complete our TalentAffirm screen and assessment are prioritized for next steps. It's an opportunity for you to stand out above your competition.