ECLARO
AWS Cloud Security & Compliance Engineer
ECLARO, Charlotte, North Carolina, United States, 28245
AWS Cloud Security & Compliance Engineer
Job Number:
25-05501
Base pay range:
$170,000.00/yr - $225,000.00/yr
Pursue excellence in your career! ECLARO is seeking an
AWS Cloud Security & Compliance Engineer
solutions professional for our client in
Charlotte, NC.
Our client is an innovative financial technology company transforming digital banking and payments. If you’re driven by technology and excited to shape the future of finance, this is the perfect opportunity to grow your career with a forward‑thinking team!
Position Overview
Fast‑growing Payment Service Provider operating a mission‑critical platform on AWS Cloud, processing millions of transactions daily with a focus on security, compliance, and operational resilience.
Strengthening cloud security posture to meet ISO 27001 and SOC 1/2 standards as the company scales globally.
Hands‑on role combining cloud architecture, IAM governance, security automation, and compliance documentation.
Responsibilities
AWS Security & Access Management
Design and enforce IAM policies, roles, and SCPs using least‑privilege.
Implement AWS Organizations, Control Tower, GuardDuty, Security Hub, Config, and CloudTrail for centralized governance.
Manage MFA, SSO (IAM Identity Center), and just‑in‑time access workflows.
Conduct regular privilege access reviews and automate user/role lifecycle management.
Compliance & Data Governance
Lead ISO 27001 and SOC 1/2 control implementation (e.g., A.9, A.12, SC‑13, PI‑7).
Own risk assessments, control evidence collection, and audit preparation.
Develop and maintain data classification, encryption (KMS, SSE), and residency policies.
Ensure PCI DSS alignment for payment data flows.
Security Automation & Monitoring
Build IaC security with Terraform or similar tools.
Automate compliance checks via AWS Config Rules, Security Hub, and Lambda scripts.
Respond to and triage findings from GuardDuty, Inspector, Macie, and third‑party scanners.
Documentation & Reporting
Maintain System Security Plan, Risk Register, and control matrices.
Prepare audit‑ready evidence (logs, configs, access reports).
Train engineering teams on secure AWS practices.
Required Qualifications
10+ years in cloud infrastructure, 5+ in cloud security, 3+ focused on AWS.
Hands‑on experience with AWS IAM, Organizations, SCPs, KMS, CloudTrail, Config, Security Hub.
Experience with Terraform/CloudFormation for secure infrastructure.
ISO 27001 and SOC 2 control frameworks knowledge.
Active AWS certifications: Security Specialty or Solutions Architect Professional.
Experience supporting external audits (SOC 2 Type II, ISO 27001).
Strong understanding of encryption at rest/transit, network security (VPC, NACLs, WAF), and secrets management.
Contact Eric McAuley
Email:
Eric.McAuley@eclaro.com
Phone:
(980) 360‑1322
Equal Opportunity Employer
ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status, in compliance with all applicable laws.
Seniority Level:
Entry level
Employment type:
Full‑time
Job Function:
Management and Manufacturing
#J-18808-Ljbffr
25-05501
Base pay range:
$170,000.00/yr - $225,000.00/yr
Pursue excellence in your career! ECLARO is seeking an
AWS Cloud Security & Compliance Engineer
solutions professional for our client in
Charlotte, NC.
Our client is an innovative financial technology company transforming digital banking and payments. If you’re driven by technology and excited to shape the future of finance, this is the perfect opportunity to grow your career with a forward‑thinking team!
Position Overview
Fast‑growing Payment Service Provider operating a mission‑critical platform on AWS Cloud, processing millions of transactions daily with a focus on security, compliance, and operational resilience.
Strengthening cloud security posture to meet ISO 27001 and SOC 1/2 standards as the company scales globally.
Hands‑on role combining cloud architecture, IAM governance, security automation, and compliance documentation.
Responsibilities
AWS Security & Access Management
Design and enforce IAM policies, roles, and SCPs using least‑privilege.
Implement AWS Organizations, Control Tower, GuardDuty, Security Hub, Config, and CloudTrail for centralized governance.
Manage MFA, SSO (IAM Identity Center), and just‑in‑time access workflows.
Conduct regular privilege access reviews and automate user/role lifecycle management.
Compliance & Data Governance
Lead ISO 27001 and SOC 1/2 control implementation (e.g., A.9, A.12, SC‑13, PI‑7).
Own risk assessments, control evidence collection, and audit preparation.
Develop and maintain data classification, encryption (KMS, SSE), and residency policies.
Ensure PCI DSS alignment for payment data flows.
Security Automation & Monitoring
Build IaC security with Terraform or similar tools.
Automate compliance checks via AWS Config Rules, Security Hub, and Lambda scripts.
Respond to and triage findings from GuardDuty, Inspector, Macie, and third‑party scanners.
Documentation & Reporting
Maintain System Security Plan, Risk Register, and control matrices.
Prepare audit‑ready evidence (logs, configs, access reports).
Train engineering teams on secure AWS practices.
Required Qualifications
10+ years in cloud infrastructure, 5+ in cloud security, 3+ focused on AWS.
Hands‑on experience with AWS IAM, Organizations, SCPs, KMS, CloudTrail, Config, Security Hub.
Experience with Terraform/CloudFormation for secure infrastructure.
ISO 27001 and SOC 2 control frameworks knowledge.
Active AWS certifications: Security Specialty or Solutions Architect Professional.
Experience supporting external audits (SOC 2 Type II, ISO 27001).
Strong understanding of encryption at rest/transit, network security (VPC, NACLs, WAF), and secrets management.
Contact Eric McAuley
Email:
Eric.McAuley@eclaro.com
Phone:
(980) 360‑1322
Equal Opportunity Employer
ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status, in compliance with all applicable laws.
Seniority Level:
Entry level
Employment type:
Full‑time
Job Function:
Management and Manufacturing
#J-18808-Ljbffr