Cloud Security Engineer - AWS Focus at Ledgebrook | Torre
warning

Heads-up

The job you’re trying to post already exists in Torre:

Cloud Security Engineer - AWS Focus

You'll revolutionize insurance security, designing AWS architectures and integrating DevSecOps for a modern platform.
Emma highlights
This highlight was written by Emma’s AI. Ask Emma to edit it.
Full-time

Legal agreement: Employment

Provide your expected compensation while applying
location_on
Remote (for United States residents)
Remote (for Canada residents)
Remote (for Poland residents)
Match
skeleton-gauges
You have opted out of job matches in .
To undo this, go to the 'Skills and Interests' section of your preferences.
Review preferences
Shared by
Emma of Torre.ai
2 months ago

Requirements and responsibilities


About the roleLedgebrook is a tech-enabled E&S MGA on a mission to modernize Specialty insurance. The industry is burdened with legacy technology and inefficient processes, preventing innovation at scale. We are changing that. Our goal is to become the best-in-class full-stack insurance and re/insurer, leveraging AI and data-driven insights to revolutionize underwriting, pricing, and risk selection.We believe in talent density—fewer, better people working together as one. We win as a team, and our success is shared through generous equity packages for all employees.We are seeking a Cloud Security Engineer with deep expertise in securing cloud-native environments, with a strong emphasis on AWS services. The ideal candidate will have a solid understanding of cloud infrastructure, DevSecOps practices, and modern security frameworks. You will play a key role in designing and implementing secure architectures, tooling, and practices to protect our cloud infrastructure and workloads.Key ResponsibilitiesDesign, implement, and manage secure AWS cloud architectures, including networking, IAM, and service configurations.Develop and enforce cloud security standards, policies, and guardrails across AWS environments.Implement automated security controls using tools like Terraform, AWS Config, Security Hub, GuardDuty, and Inspector.Collaborate with DevOps and engineering teams to integrate security into CI/CD pipelines (DevSecOps).Monitor and respond to security events using SIEM and cloud-native logging tools (CloudWatch, CloudTrail, AWS Security Hub, etc.).Conduct threat modeling, risk assessments, and security architecture reviews for AWS-based applications and services.Maintain and optimize identity and access management across AWS accounts using IAM, SSO, SCPs, and Organizations.Manage data protection strategies, including encryption (KMS), DLP, and secure key management.Support compliance initiatives (e.g., SOC 2, HIPAA, ISO 27001, or FedRAMP) with evidence collection and policy implementation.About youA passion to deliver a world-class customer service experience to both internal and external customersIntellectual curiosity and a desire to innovate processes/procedures versus being satisfied with the status quoA desire to continue learning whatever your career stageAgile prioritization skills coupled with a keen sense of urgency that seeks to balance getting it right versus getting it done right nowA strong drive and desire to win together as a high-performing teamA moral compass to “do the right thing, period”, we have zero tolerance for toxic behaviors.RequirementsBasic Qualifications:3+ years of experience in a Cloud Security, Security Engineering, or related role.Strong knowledge of AWS security services, architectures, and best practices.Experience with Infrastructure as Code (IaC) tools such as Terraform or CloudFormation.Hands-on experience with cloud monitoring and logging, especially in an AWS context.Proficiency in scripting or automation (e.g., Python, Bash, or PowerShell).Solid understanding of network security, firewalls, VPC design, and zero-trust principles.Familiarity with incident response processes, SIEM platforms, and forensics tools.Comfortable working cross-functionally with engineering, IT, and compliance teams.Self-starter with a proactive approach to risk identification and mitigation.Willingness to participate in an on-call rotation or security incident escalations as needed.Preferred Qualifications:AWS certifications such as AWS Certified Security – Specialty, Solutions Architect, or DevOps Engineer.Experience with multi-account AWS environments and AWS Organizations.Knowledge of container security, especially within Amazon ECS.Experience with third-party security tools such as Tenable, Prisma Cloud, Wiz, or Lacework.Experience with compliance frameworks and translating them into technical controls.Background in penetration testing, red/blue teaming, or threat intelligence is a plus.For those applying in the US: This position is open only to candidates who are authorized to work in the United States without the need for current or future employer-sponsored work authorization. We are unable to offer visa sponsorship at this time.BenefitsUS BenefitsCompetitive salary and meaningful equity ownershipHealth Insurance 100% employer-paid option available (US only)Additional benefits available include 401k plan, dental, vision & other options (US only)Remote work, flexible hoursUnlimited time off policyOwnership, autonomy, purposePoland BenefitsCompetitive salary and meaningful equityCompletely remote, flexible schedule, and monthly coworking gatheringsUnlimited paid time offClear ownership and impact from day oneCollaborative, transparent work culture
Optionally, you can add more information later (benefits, pre-screening questions, etc.)
check_circle

Payment confirmed

A member of the Torre team will contact you shortly

In the meantime, continue adding information to your job opening.