Senior Cloud Security Specialist

Senior Cloud Security Specialist

Requirements

• Bachelor’s degree in Computer Science, Engineering, or a related technical field (e.g., B.Sc., B.Eng., or B.Comm. with a tech focus)
• 8+ years of experience in cybersecurity including 5+ years specifically focused on cloud security and infrastructure.
• Expert-level knowledge of AWS, including security best practices, IAM, VPC, and cloud-native architecture design.
• Hands-on experience with Terraform for deploying and managing cloud infrastructure as code.
• Working knowledge of Kubernetes and best practices in securing containerized workloads and orchestrated environments.
• Strong problem-solving skills, with the ability to navigate ambiguity, analyze complex systems, and deliver impactful results independently.
• Strong communication skills; able to explain technical and security concepts in approachable terms to both technical and non-technical audiences.
• A passion for building security-conscious engineering culture; you lead by example, advocate for secure development practices, and help others understand the why behind them.
• Strong sense of ownership and urgency: you act quickly when security risks arise and take pride in driving things to resolution.
• Bias for action: you don’t wait for perfect clarity to get started, and you’re comfortable making informed decisions in complex environments.
• Empathetic collaborator; you value partnership, listen actively, and know how to meet engineers, product managers, and stakeholders where they are.
• Security storyteller; you’re able to connect the dots between technical risk and business impact, and help others see the value of security in clear, compelling ways.

Responsibilities

• Develop and maintain threat models for AlayaCare’s cloud infrastructure and applications. Identify security risks and implement scalable, effective remediations to strengthen our cloud security posture.
• Act as the primary owner of security architecture within AWS, working closely with the SRE team to establish secure-by-default guardrails across compute, storage, networking, and identity services.
• Lead infrastructure vulnerability scanning efforts and work with engineering teams to triage, prioritize, and remediate findings. Focus on enabling sustainable, measurable improvements.
• Build and maintain automation for key security controls using Terraform and scripting languages (e.g., Python, Ruby, or Go). Develop internal tooling and integrate existing solutions to improve threat detection, access management, and incident containment.
• Translate compliance wordings/policies into technical policies applicable to AWS Config, policy-as-code frameworks, and infrastructure pipelines. Collaborate with the compliance and GRC team to align implementation with regulatory goals.
• Participate in system and application design reviews to identify risks and guide teams toward secure architectural decisions. Deep knowledge of functional and infrastructure architecture is a plus.
• Lead technical investigations that are high-priority security incidents in collaboration with the security operations team.
• Support efforts around SOC 2, HIPAA, and HITRUST by helping embed security requirements into technical design and team workflows.
• Promote a culture of security by leading internal security training, contributing to phishing simulations, and helping teams understand the “why” behind secure development practices. Coach engineers and product teams on best practices and threat awareness.
• Mentor and support engineers across teams in secure development practices and cloud security concepts. Help raise the overall security maturity of the engineering organization.

Preferred Qualifications

No preferred qualifications provided.