Attractivate Consulting Solutions
Cloud Security (Houston)
Attractivate Consulting Solutions, Houston, Texas, United States, 77246
Title:
Cloud Security Engineer (AWS Focus) Location:
Houston, TX - Onsite Type:
Contract to Hire Sector:
Energy
About the Role We are looking for an experienced Cloud Security Engineer to join our growing Security team. You will be responsible for designing, implementing, and maintaining security controls across our multi-cloud environment (primarily AWS, with growing Azure and GCP footprints). This is a hands-on role that combines architecture, engineering, threat modeling, and incident response in a fast-paced environment. Key Responsibilities Design and implement cloud-native security controls (IAM, network security, encryption, logging/monitoring, SCPs, Azure Policy, GCP Organization Policy, etc.) Build and maintain infrastructure-as-code security tooling (Terraform, CloudFormation, CDK, Pulumi) with security guardrails Lead cloud security posture management (CSPM), cloud workload protection (CWPP), and cloud-native application protection (CNAPP) initiatives Perform threat modeling and security architecture reviews for new cloud services and applications Automate security testing in CI/CD pipelines (SAST, DAST, SCA, container scanning, IaC scanning) Respond to and investigate security incidents in cloud environments Develop and enforce cloud security standards, baselines, and hardening guides Work closely with DevOps, Platform Engineering, and application teams to securely accelerate delivery Participate in purple team exercises and penetration testing focused on cloud infrastructure Stay current on cloud provider security features and emerging threats Required Skills & Experience 3+ years of hands-on cloud security experience (AWS required) Deep expertise in at least one major cloud provider (AWS Solutions Architect Professional or AWS Security Specialty strongly preferred) Strong experience with Infrastructure as Code (Terraform preferred) and policy-as-code Proficiency in cloud-native security services: AWS GuardDuty, Security Hub, Macie, Inspector, Config, Azure Defender, Sentinel, Defender for Cloud, GCP Security Command Center, etc. Experience implementing Zero Trust principles in cloud environments Solid scripting/programming skills (Python, Go, or Bash) for automation Hands-on experience with containers (Docker, Kubernetes/EKS/AKS/GKE) and securing them Familiarity with compliance frameworks (SOC 2, PCI-DSS, ISO 27001, FedRAMP, HIPAA, etc.) Experience with SIEM, SOAR, and cloud-native logging/monitoring (Splunk, Datadog, ELK, CloudTrail, Azure Monitor, etc.)
Cloud Security Engineer (AWS Focus) Location:
Houston, TX - Onsite Type:
Contract to Hire Sector:
Energy
About the Role We are looking for an experienced Cloud Security Engineer to join our growing Security team. You will be responsible for designing, implementing, and maintaining security controls across our multi-cloud environment (primarily AWS, with growing Azure and GCP footprints). This is a hands-on role that combines architecture, engineering, threat modeling, and incident response in a fast-paced environment. Key Responsibilities Design and implement cloud-native security controls (IAM, network security, encryption, logging/monitoring, SCPs, Azure Policy, GCP Organization Policy, etc.) Build and maintain infrastructure-as-code security tooling (Terraform, CloudFormation, CDK, Pulumi) with security guardrails Lead cloud security posture management (CSPM), cloud workload protection (CWPP), and cloud-native application protection (CNAPP) initiatives Perform threat modeling and security architecture reviews for new cloud services and applications Automate security testing in CI/CD pipelines (SAST, DAST, SCA, container scanning, IaC scanning) Respond to and investigate security incidents in cloud environments Develop and enforce cloud security standards, baselines, and hardening guides Work closely with DevOps, Platform Engineering, and application teams to securely accelerate delivery Participate in purple team exercises and penetration testing focused on cloud infrastructure Stay current on cloud provider security features and emerging threats Required Skills & Experience 3+ years of hands-on cloud security experience (AWS required) Deep expertise in at least one major cloud provider (AWS Solutions Architect Professional or AWS Security Specialty strongly preferred) Strong experience with Infrastructure as Code (Terraform preferred) and policy-as-code Proficiency in cloud-native security services: AWS GuardDuty, Security Hub, Macie, Inspector, Config, Azure Defender, Sentinel, Defender for Cloud, GCP Security Command Center, etc. Experience implementing Zero Trust principles in cloud environments Solid scripting/programming skills (Python, Go, or Bash) for automation Hands-on experience with containers (Docker, Kubernetes/EKS/AKS/GKE) and securing them Familiarity with compliance frameworks (SOC 2, PCI-DSS, ISO 27001, FedRAMP, HIPAA, etc.) Experience with SIEM, SOAR, and cloud-native logging/monitoring (Splunk, Datadog, ELK, CloudTrail, Azure Monitor, etc.)