AWS Cloud Security Engineer

This role is responsible for leading the engineering, deployment, and operational compliance of a secure and highly available AWS cloud environment, specifically tailored for campus research use. The position requires a senior-level engineer who will combine deep AWS technical expertise with strict adherence to security and compliance frameworks, including NIST 800-171. The Engineer will design and automate the cloud infrastructure, ensure continuous compliance validation, and serve as the technical liaison between AWS professional services and internal development teams.

location: Telecommute

job type: Contract

salary: $90 - 100 per hour

work hours: 8am to 5pm

education: Bachelors

responsibilities:

Lead the engineering and deployment of a secure AWS environment, focusing on NIST 800-171 compliance standards.

Design and implement critical security guardrails (both detective and preventative) across all AWS accounts, collaborating with AWS ProServe/SAS to map security controls to native AWS services.

Design and coordinate the deployment of foundational services, including automated landing zone setup, account structure, networking, IAM, monitoring, and logging.

Develop and maintain comprehensive documentation, including implementation guides, operational runbooks, decision logs, and evidence catalogs for audit preparation and knowledge transfer.

Design, write, and maintain infrastructure-as-code using tools such as Terraform and CloudFormation.

Integrate IaC deployments with configuration and deployment pipelines (CI/CD).

Develop scripts for security automation and continuous compliance validation.

Troubleshoot and resolve the most complex technical issues within the cloud environment.

Design and coordinate the workflow of support requests, setting priorities and tracking resolution.

Ensure compliance with and provide input to Service Level Agreements (SLAs).

Conduct detailed troubleshooting, testing, and incident response planning for cloud systems, resolving issues in development and non-production environments to ensure operational continuity and secure configuration.

Participate in project planning, stakeholder meetings, and compliance readiness assessments to support governance and continuous improvement of the cloud security posture.

qualifications:

- Bachelor's degree in Computer Science or a related field.

- 5+ years of strong hands-on experience designing and deploying secure, scalable architectures on Amazon Web Services (AWS).

- Mandatory experience with NIST 800-171 (or similar regulated frameworks) and the ability to map security controls to technical implementation.

- Proficiency in Terraform or CloudFormation, and experience with Python or Shell scripting for security automation.

- Proven experience working in a DevOps environment and participating in project planning and stakeholder management.

- Demonstrated ability to resolve complex, low-level infrastructure and system issues.

- Strong ability to collaborate with internal and external teams (AWS ProServe) to gather requirements and advocate for best practices.

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act.

We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.