Negotiable
Outside
Remote
Remote in Brazil
Summary: We are seeking a Principal AWS Cloud Security and Compliance Engineer with extensive hands-on experience in securing cloud environments at scale. The role involves designing, implementing, and managing cloud security controls while ensuring compliance with industry standards. The ideal candidate will possess a deep understanding of AWS security services and regulatory compliance frameworks. This position is remote and requires a seasoned security expert to mitigate security risks across AWS infrastructure.
Key Responsibilities:
- Lead the design and implementation of secure AWS architectures, ensuring compliance with security frameworks and industry best practices.
- Develop, enforce, and monitor compliance with SOC 2, ISO 27001, NIST, CIS, FedRAMP, PCI-DSS, HIPAA, and other security standards.
- Implement and manage AWS security services such as AWS IAM, AWS KMS, AWS GuardDuty, AWS Security Hub, AWS Macie, AWS Config, AWS WAF, and AWS Shield.
- Develop SIEM integrations, monitor security logs, investigate incidents, and lead incident response efforts to mitigate threats.
- Implement Infrastructure as Code (IaC) security policies using Terraform, AWS CloudFormation, or AWS CDK. Automate security monitoring and compliance reporting.
- Define and enforce least privilege access controls, and manage AWS Organizations and Service Control Policies (SCPs).
- Embed security into the CI/CD pipeline, ensuring secure deployment practices across cloud workloads.
- Perform cloud security risk assessments, threat modeling, and penetration testing to identify and mitigate vulnerabilities.
- Mentor engineering teams on secure coding, cloud security best practices, and AWS security controls.
- Work with engineering, compliance, and business teams to align security strategies with organizational goals.
Key Skills:
- 10-12 years of hands-on experience in cybersecurity, cloud security, and compliance, with at least 5 years in AWS security.
- Expert-level knowledge of AWS security services, architecture, and best practices.
- Deep understanding of compliance frameworks (e.g., SOC 2, ISO 27001, NIST, FedRAMP, PCI-DSS, HIPAA).
- Experience with AWS IAM, VPC security, AWS WAF, KMS, CloudTrail, Config, Security Hub, Macie, and GuardDuty.
- Proficiency in SIEM solutions, security automation, and cloud-native security tools.
- Hands-on experience with IaC security (Terraform, CloudFormation), container security (EKS, ECS), and serverless security.
- Strong background in DevSecOps, securing CI/CD pipelines, and integrating security into cloud-native development.
- Expertise in identity & access management (IAM), RBAC, MFA, and Zero Trust security models.
- Experience with incident response, threat detection, and forensic analysis in AWS.
- Proficient in scripting and automation (Python, Bash, or PowerShell).
- Strong communication skills with the ability to influence technical and non-technical stakeholders.
Salary (Rate): undetermined
City: undetermined
Country: Brazil
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: Senior
Industry: IT