Handshakes by DC Frontiers is an award-winning DataTech company that leverages data to empower safe, informed business decisions.
We are currently looking for a Cloud Security Engineer to design, implement, and continuously improve our cloud security controls, identity architecture, and governance guardrails. This role is critical in maintaining a secure, compliant, and well-governed cloud environment.
Key Responsibilities
Identity and Access Management Architecture
- Design and maintain role-based access control (RBAC) models and IAM policies that enforce least privilege principles across cloud and enterprise SaaS.
- Ensure identity structures align with organizational roles, segregation of duties requirements, and compliance standards.
Cloud Guardrails and Policy Enforcement
- Define, implement, and maintain cloud-native guardrails (e.g., service control policies, policy-as-code, security configurations) that prevent misconfiguration and enforce security baselines across environments.
- Partner with Platform Engineering to ensure guardrails are embedded into infrastructure automation.
Security Posture Management
- Oversee cloud security posture management tools and continuously assess compliance with defined baselines.
- Identify configuration drift, security gaps, or policy violations and coordinate remediation with Reliability and Platform teams.
Access Governance and Reviews
- Lead structured periodic access review processes to validate entitlement accuracy, privileged access assignments, and role appropriateness.
- Ensure evidence is maintained for audit and compliance purposes.
Security Baseline Definition
- Establish and maintain baseline security standards for infrastructure, operating systems, cloud services, and SaaS platforms.
- Align baselines with industry best practices and organizational risk appetite.
Vulnerability Governance Oversight
- Review vulnerability findings from scanning tools, prioritize remediation requirements based on risk severity, and ensure remediation timelines are adhered to by operational teams.
Third-Party Technical Risk Assessment
- Conduct security assessments of vendors and third-party integrations from a technical controls perspective, identifying gaps and recommending mitigation strategies.
Security Reporting and Metrics
- Prepare governance dashboards and risk posture reports for leadership, highlighting trends, control effectiveness, and remediation progress.
Required Skills & Experience
- Bachelor's Degree in Computer Science, Information Technology, or a related field
- Minimum 5 years of hands-on experience with AWS services and security tools
- Deep understanding of least privilege principles and RBAC design
- Experience implementing cloud security guardrails and policy-as-code
- Familiarity with vulnerability management processes
- Knowledge of security benchmarks (e.g., CIS frameworks)
- Ability to translate risk into actionable technical controls
Nice-to-Have
- Experience with cloud security posture management tools
- Exposure to regulatory or audit environments (ISO 27001, 27017, etc.)
- Familiarity with DevSecOps practices
- Security certifications (e.g., AWS Security Specialty, CISSP, CCSP)