Job Description

Job Purpose: The Security Engineer is responsible for safeguarding both cloud and on-premises infrastructures by designing, implementing, and maintaining security controls that protect company assets, systems, and data. This role plays a key part in vulnerability management, incident response, and security monitoring — ensuring compliance with internal and international standards. The Security Engineer also supports threat intelligence, DLP operations, VAPT initiatives, and automation of security workflows across hybrid environments.

Responsibilities:

Security Architecture & Implementation

  • Design and maintain secure architectures for AWS and on-premises environments, implementing security groups, IAM policies, GuardDuty, Security Hub, and WAF configurations.
  • Integrate CDN and WAF providers such as Cloudflare, EdgeNext, and CDNetworks for DDoS mitigation, bot management, and web-application protection.
  • Work closely with Network and Systems teams to implement secure routing, VPN (Connexa, OpenVPN), and firewall policies (Juniper, Cisco ASA).
  • Enforce Zero-Trust and least-privilege principles across all systems and cloud workloads.

Threat Intelligence & Monitoring

  • Operate and maintain OpenCTI (Open Cyber Threat Intelligence) to collect, correlate, and analyze threat intelligence feeds and indicators of compromise (IOCs).
  • Correlate OpenCTI data with SIEM logs and GuardDuty findings to improve detection capabilities.
  • Contribute to the creation of actionable threat reports and share intelligence with incident response and SOC teams.
  • Continuously assess new and emerging threats affecting the company’s infrastructure and cloud footprint.

Data Loss Prevention (DLP) & Compliance

  • Manage and monitor Data Loss Prevention (DLP) alerts and workflows (e.g., Digital Guardian or Microsoft Purview DLP).
  • Investigate, validate, and classify DLP alerts to ensure proper escalation of potential data leaks.
  • Work with managers and department heads to validate incidents, document findings, and implement corrective actions.
  • Ensure adherence to security standards and compliance frameworks (e.g., ISO 27001, NIST 800-53, GDPR).
  • Develop and maintain incident validation and DLP record-keeping templates for audits and reporting.

Vulnerability Assessment & Penetration Testing (VAPT)

  • Plan, perform, and document Vulnerability Assessments and Penetration Tests across both on-premises and cloud systems.
  • Coordinate remediation activities with Network, Systems, and DevOps teams to ensure timely patching of identified vulnerabilities.
  • Use tools such as Nessus, OpenVAS, Metasploit, Burp Suite, and AWS Inspector to assess infrastructure and application security posture.
  • Track vulnerabilities and mitigation status through centralized dashboards and weekly reports.

Security Automation, Incident Response & Continuous Improvement

  • Automate detection and response processes using Terraform, GitLab pipelines, and AWS automation workflows (Lambda, EventBridge).
  • Participate in incident response, performing root-cause analysis and implementing preventive measures.
  • Conduct regular security awareness training, tabletop exercises, and post-incident reviews.
  • Recommend and implement continuous improvements to strengthen overall security posture of the infrastructure.

Documentation & Collaboration

  • Maintain up-to-date documentation including security architecture diagrams, threat models, risk registers, and incident reports.
  • Collaborate with Network Engineers, System Administrators, and DevOps to ensure alignment between security, performance, and availability goals.
  • Support audits, compliance reviews, and risk-assessment exercises by providing detailed evidence and reports.

Qualifications

  • Bachelor’s degree in Information Security, Computer Science, or a related field.
  • Minimum 2 years of experience in infrastructure or cloud security engineering.
  • Strong hands-on expertise in:
      o Threat Intelligence: OpenCTI or similar platforms (MISP, TheHive)
      o DLP Tools: Digital Guardian, Microsoft Purview DLP, or equivalent
      o VAPT: Nessus, OpenVAS, Burp Suite, Metasploit, AWS Inspector
      o Cloud Security: AWS GuardDuty, Security Hub, IAM, WAF
      o Network Security: Juniper Firewall, Cisco ASA, Nginx WAF, VPN (Connexa/OpenVPN)
      o CDN Security: Cloudflare, EdgeNext, CDNetworks
      o Automation: Terraform, GitLab CI/CD pipelines
  • Solid understanding of TCP/IP, DNS, HTTP/S, SSL/TLS, VPN, SIEM, and IDS/IPS concepts.
  • Preferred certifications:
      o AWS Security Specialty, CompTIA Security+, CEH, CISSP, or ISO 27001 Lead Implementer/Auditor
  • Strong analytical mindset, excellent incident handling, and documentation skills.
  • Proactive and collaborative, with a strong sense of accountability and security ownership.
