Staff Security Engineer

Reporting to the Senior Manager, Security Engineer, this role is responsible for architecting and implementing automation frameworks across AWS infrastructure, DevSecOps pipelines, and SOC operations. The role focuses on orchestrating cloud deployments, automating security validation, and centralizing cybersecurity telemetry for advanced analytics and operational resilience.

Responsibilities

• Architect, design, and implement event-driven automation frameworks for AWS infrastructure provisioning, application deployments, and operational workflows.
• Build and maintain reusable Infrastructure-as-Code templates and automation modules to accelerate cloud service adoption.
• Develop orchestration pipelines to automate DevSecOps security validation, vulnerability scanning, and compliance checks across environments.
• Implement automation for security operations workflows including alert ingestion, enrichment, correlation, and automated response using AWS-native and third-party tools.
• Integrate SOC processes into orchestration frameworks to reduce mean time to detect (MTTD) and mean time to respond (MTTR).
• Automate, centralize, transform, and stash cybersecurity telemetry from SOC and SaaS sources using tools like Logstash, Farebeat, and AWS-native ingestion services, exporting the enriched data into SIEM platforms for advanced analytics and monitoring.
• Collaborate with DevOps, SRE, Platform, and Security Engineering teams to deliver highly automated, self-healing cloud systems.
• Build auto-remediation workflows based on cloud telemetry and security findings.
• Continuously optimize CI/CD pipelines with embedded security and compliance automation.
• Serve as an advocate for event-driven, serverless, and automated operations architectures within engineering and security organizations.
• Provide thought leadership on emerging AWS services and best practices for cloud automation and DevSecOps enablement.

Knowledge and Skills

• Deep expertise in AWS cloud automation, infrastructure-as-code (IaC), and orchestration frameworks (e.g., AWS CloudFormation, Terraform, AWS CDK and CLI).
• Deep expertise working with API’s to retrieve data, aggregate data and report on them.
• Strong experience designing and securing automated deployment pipelines (CI/CD) and GitHub Actions.
• Proficiency with scripting languages such as Python, Bash, or Go to automate cloud operations and workflows.
• Expertise in AWS Service Catalog, Systems Manager (SSM), EventBridge, and Step Functions for event-driven automation.
• Hands-on experience with automation of security operations (SOC) processes: alert triage, ticketing, response playbooks.
• Experience integrating DevSecOps security controls into CI/CD pipelines (e.g., SAST, DAST, container scanning, secrets management automation, RASP, Autonomous Pen testing/IAST).
• Familiarity with AWS security services (GuardDuty, Security Hub, Config) and automating their responses.
• Working knowledge of Git, GitHub, and other CI/CD orchestration tools.
• Automate, segregate, transform, centralize, & stash Cybersecurity data across all SOC and SaaS sources using Logstash/filebeat etc. and send it to SIEM.
• Strong documentation and governance skills for automation, design, and lifecycle management.

Required Experience

• Bachelor’s degree
• 8 + years of combined experience working in IT, Cyber Security, AWS and DevOps

Preferred Experience/Key Differentiators

• AWS DevOps and Automation experience.
• AWS Security stack experience