Cloud Security Engineer

Vintti bridges the staffing gap for US businesses with a unique focus on time zone compatibility. We source top talent from Latin America, offering companies access to professionals who are available during standard US working hours. This alignment eliminates the need for off-hour communications and allows for integrated teamwork, as if all team members were in the same office.

A Cloud Security Engineer is responsible for safeguarding an organization's cloud infrastructure and data from potential security threats and vulnerabilities. This role involves the implementation of security measures, continuous monitoring, and compliance assurance to protect sensitive information in cloud environments. Cloud Security Engineers work closely with IT teams to develop and enforce security policies, automate security tasks, and respond to incidents promptly. Their expertise is crucial in configuring and managing cloud security tools, conducting risk assessments, and ensuring adherence to regulatory standards to maintain robust security postures in dynamic cloud platforms.

- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
- Minimum of 3-5 years of experience in information security and cloud security roles
- Strong understanding of cloud platforms (AWS, Azure, Google Cloud)
- Proficiency in cloud security best practices and technologies
- Experience conducting security assessments, vulnerability scans, and penetration testing
- Knowledge of regulatory and compliance standards (e.g., GDPR, HIPAA, PCI-DSS)
- Hands-on experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM)
- Strong scripting skills and experience with automation tools (e.g., Python, PowerShell, Terraform)
- In-depth understanding of encryption and data protection techniques
- Familiarity with Identity and Access Management (IAM) and least privilege principles
- Incident response and forensic investigation experience
- Excellent problem-solving skills and ability to work under pressure
- Strong communication and collaboration skills with cross-functional teams
- Relevant security certifications (e.g., CISSP, CISM, CCSP, CEH) preferred
- Understanding of DevOps practices and continuous integration/continuous deployment (CI/CD) pipelines
- Strong analytical skills and attention to detail
- Ability to stay updated with current security threats and industry trends
- Comfortable with reviewing and auditing cloud infrastructure for security compliance
- Proven track record of implementing and managing cloud security controls and procedures
- Experience with cloud-native security tools and services (e.g., AWS Security Hub, Azure Security Center)
- Ability to develop and conduct training sessions on cloud security best practices
- Organizational and project management skills for managing multiple security projects simultaneously
- Strong documentation skills for creating security policies and incident reports
- Willingness and ability to work occasional after-hours as needed for incident response and remediation activities

- Monitor and maintain cloud security configurations and policies
- Conduct security assessments, vulnerability scans, and penetration testing
- Respond to security incidents and investigate breaches
- Implement mitigation strategies after security incidents
- Collaborate with development and operations teams for secure deployment and integration
- Design, implement, and manage cloud security controls and procedures
- Develop and update cloud security policies, standards, and guidelines
- Manage and review access controls to enforce least privilege principles
- Stay informed about emerging cloud security threats and vulnerabilities
- Automate security processes using cloud-native tools and scripts
- Provide internal training on cloud security best practices
- Review and audit cloud architecture designs for security issues
- Ensure compliance with regulatory and privacy standards
- Develop and maintain cloud-specific incident response and disaster recovery plans
- Participate in security audits and coordinate remediation efforts
- Identify and evaluate new cloud security technologies and tools
- Document and report security incidents, vulnerabilities, and remediation activities
- Liaise with third-party vendors to evaluate security measures and protocols
- Perform continuous risk assessment and manage mitigation strategies
- Ensure effective implementation and management of encryption and data protection solutions
- Contribute to cloud security strategy planning and roadmap development

The ideal candidate for the Cloud Security Engineer role is a highly skilled cybersecurity expert with a Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, and possesses a minimum of 3-5 years of hands-on experience in information security and cloud security roles. They exhibit a deep understanding of leading cloud platforms such as AWS, Azure, and Google Cloud, coupled with proficiency in cloud security best practices, technologies, and tools like firewalls, IDS/IPS, and SIEM systems. Mastery in scripting languages such as Python or PowerShell, along with experience in using automation tools such as Terraform, is essential. The candidate excels in conducting security assessments, vulnerability scans, and penetration testing, and is well-versed in regulatory and compliance standards like GDPR, HIPAA, and PCI-DSS. Their expertise extends to encryption methods, data protection techniques, and Identity and Access Management (IAM) principles. They have a proven track record in incident response, forensic investigations, and are adept at designing and implementing security controls and procedures. With strong analytical, problem-solving, and communication skills, they collaborate effectively with cross-functional teams and can convey complex security concepts to non-technical stakeholders. They are committed to continuous learning, staying updated with emerging security threats and trends, and hold relevant security certifications such as CISSP, CISM, CCSP, or CEH. Possessing strong organizational and project management skills, the candidate can manage multiple tasks efficiently and demonstrate leadership and mentorship qualities. They maintain high ethical standards, work well under pressure, and are dedicated to providing excellent customer service, ensuring the organization's cloud infrastructure is secure and compliant with industry standards.

- Monitor and maintain cloud security configurations and policies across various cloud platforms.
- Conduct regular security assessments, vulnerability scans, and penetration testing of cloud environments.
- Respond to security incidents and breaches, performing thorough investigations and implementing mitigation strategies.
- Collaborate with development and operations teams to ensure secure deployment and integration of cloud services.
- Design, implement, and manage security controls and procedures to protect cloud infrastructure.
- Develop and update cloud security policies, standards, and guidelines based on industry best practices.
- Manage and review access controls, ensuring least privilege principles are enforced.
- Stay up-to-date with emerging cloud security threats, vulnerabilities, and mitigation strategies.
- Automate security processes and responses using cloud-native automation tools and scripts.
- Provide guidance and training to internal teams on cloud security best practices.
- Review and audit cloud architecture designs to identify and rectify security issues.
- Ensure compliance with relevant regulatory and privacy standards.
- Develop and maintain incident response and disaster recovery plans specific to cloud infrastructure.
- Participate in security audits and coordinate remediation efforts.
- Identify and evaluate new security technologies and tools useful for securing cloud environments.
- Document and report security incidents, vulnerabilities, and remediation activities.
- Liaise with third-party vendors and service providers to evaluate security measures and protocols.
- Perform continuous risk assessment and manage risk mitigation strategies.
- Ensure encryption and data protection solutions are effectively implemented and managed.
- Contribute to cloud security strategy planning and roadmap development.

- Strong analytical and problem-solving skills
- Ability to work effectively under pressure
- Excellent communication and collaboration skills
- Detail-oriented with a focus on accuracy
- Proactive in identifying and mitigating security risks
- Adaptability to evolving security threats and technologies
- Strong organizational and project management skills
- Ability to work independently and in a team setting
- Inquisitive and continuous learner mindset
- High ethical standards and integrity
- Ability to manage multiple tasks and projects simultaneously
- Demonstrated ability to work with cross-functional teams
- Strong leadership and mentorship capabilities
- Commitment to staying current with cloud security trends and best practices
- Technically proficient and innovative in problem-solving
- Ability to translate technical security concepts to non-technical stakeholders
- Strong commitment to organizational goals and values
- Resilient and resourceful in challenging situations
- Ability to maintain a growth mindset and receive constructive feedback
- Dedication to providing excellent customer service to internal and external stakeholders.

- Competitive salary range based on experience and qualifications
- Comprehensive health, dental, and vision insurance plans
- Flexible work schedule with options for remote work
- Paid time off (PTO) including vacation days, sick leave, and holidays
- Retirement savings plan with company matching contributions
- Opportunities for career advancement and professional development
- Access to ongoing training programs, certifications, and conferences
- Employee wellness programs and resources
- Support for work-life balance including parental leave and family support
- Employee assistance program (EAP) for mental health and well-being
- Performance-based bonuses and incentives
- Reimbursement for education and certification expenses
- Company-sponsored social events and team-building activities
- Recognition and rewards program for outstanding performance
- Collaborative and inclusive work environment
- State-of-the-art technology and tools for enhanced productivity
- Opportunities to work on innovative and cutting-edge projects
- Generous employee discount programs and perks
- Access to an extensive network of industry professionals and experts
- Comprehensive onboarding and mentoring programs for new hires