Skip To Main Content
epam-logo-black.svgepam-logo-black.svg
backBack to Search

Lead Security Engineer

Remote in Mexico,
& 2 others
Security.Cloud
& 3 others

Choose an option

We are looking for an accomplished Lead Security Engineer to elevate and safeguard the security framework of our AWS and GCP platforms. In this role, you will architect and deliver resilient security strategies for cloud infrastructure. You’ll have the chance to work with state-of-the-art tools and partner with diverse teams to advance our security initiatives.

Responsibilities
  • Apply and uphold security standards and protocols within AWS and GCP cloud environments
  • Oversee IAM configurations, including roles, permissions, policies, and Service Control Policies (SCPs), to maintain organization-wide security controls
  • Detect, evaluate, and resolve security risks related to authentication, authorization, encryption, containers, and serverless technologies in AWS and GCP
  • Perform in-depth assessments of cloud setups to uncover and correct configuration weaknesses
  • Build and support automation solutions and scripts (preferably in Python) for ongoing monitoring, threat identification, and incident management
  • Protect containerized systems like Docker, ECS, and Kubernetes, as well as serverless workloads, by implementing runtime security measures
  • Operate security platforms such as CSPM, runtime security, API security, SIEM, GuardDuty, and Inspector for active threat monitoring and mitigation
  • Advise teams on secure cloud practices, IAM management, and integrating security into DevOps workflows
Requirements
  • At least 5 years of hands-on experience in cloud security engineering or a closely related discipline
  • Minimum one year of experience guiding and supervising development teams
  • Practical expertise with AWS CloudHSM for handling hardware security modules and safeguarding cryptographic assets
  • Advanced DevOps capabilities for embedding security into CI/CD processes and automating cloud security operations
  • Solid background in Kubernetes for enforcing security within container orchestration and policy management
  • Strong English communication skills (B2+ level or above) and a track record of direct interaction with clients or stakeholders