Note: The job is a remote job and is open to candidates in USA. Envision Technology Solutions is seeking a Principal Cloud Security Engineer to integrate security into engineering outputs rather than relying on traditional review processes. The role involves designing secure AWS patterns, building Terraform modules, and implementing preventive controls to enhance cloud security.
Responsibilities
- Design AWS multi-account, organization, and guardrail patterns that make the secure path the easy one
- Build and own a library of Terraform modules and policy-as-code that engineering teams adopt across the company
- Implement preventive controls, including SCPs, deployment-time policy validation, and drift detection, for high-risk cloud actions, in the code paths where work already happens
- Build logging integrity and tamper resistance into CloudTrail, telemetry pipelines, and core monitoring; define what good cloud telemetry looks like for downstream detection
- Partner with Platform and Architecture on identity, networking, EKS, and serverless patterns. Work with Security Operations to turn cloud signals into useful detections
- Make architecture decisions visible through design docs, pull requests, and reference implementations others can read and copy
Skills
- 8+ years across software engineering, platform engineering, SRE, or cloud security, with substantial hands-on AWS work in multi-account environments
- Production-quality code in at least one of Go, Python, TypeScript, C#, or Java. You think about security problems as software problems
- Deep Terraform: reusable modules, tested patterns, and an opinion about how IaC should be structured at scale
- Hands-on experience with policy-as-code, preventive guardrails, and securing EKS and serverless workloads
- Experience building detective and preventive controls for cloud control planes and logging integrity
- Comfort working through pull requests and design reviews with engineering teams, not only with security teams
Company Overview
Company H1B Sponsorship