Security Engineering Manager, AWS, DevSecOps, Identity, Endpoint, SOC 2
Location: Americas, Remote
Employment Type: Full-Time Contractor
Overview
We are seeking a Security Engineering Consultant to support the Security Engineering team in securing our infrastructure. This role will focus on strengthening AWS security architecture, integrating security automation into GitHub and CI/CD workflows, hardening identity and endpoint controls, and leading SOC 2 Type 1 readiness.
What You’ll Do
Cloud Security (AWS)
- Design and implement AWS security architecture, including encryption, IAM policies, and least-privilege access controls.
- Establish standards for secure configuration and continuous monitoring across AWS services (IAM, GuardDuty, Config, CloudTrail).
- Improve visibility and reporting on cloud security posture and risk trends.
DevSecOps and Automation
- Integrate security automation into GitHub workflows and CI/CD pipelines to identify vulnerabilities before code deployment.
- Implement and maintain security scanning across repositories using tools such as GitHub security features, Snyk, SonarQube, and related solutions.
- Collaborate with engineering teams to implement secure coding practices and security testing protocols.
Identity and Access Management
- Manage and optimize Okta identity management, including roles, policies, MFA, and privileged access controls.
- Strengthen Google Workspace security configuration, access policies, and monitoring practices.
- Drive reduction of privileged access through role redesign, access reviews, and enforcement of least privilege.
Endpoint Security
- Deploy and maintain endpoint security solutions across corporate devices with threat monitoring capabilities (CrowdStrike, SentinelOne, or equivalent).
- Establish endpoint security standards, enforcement mechanisms, and compliance reporting.
Compliance and Security Program Execution
- Establish the SOC 2 compliance framework and coordinate audit preparation activities toward SOC 2 Type 1 completion.
- Build and maintain security documentation, policies, evidence collection processes, and control ownership alignment.
Monitoring, Reporting, and Incident Response
- Monitor security metrics across cloud, endpoint, and identity systems with regular reporting.
- Respond to security incidents, conduct root cause analysis, and implement corrective actions to prevent recurrence.
- Continuously improve detection, alerting, and response workflows through tooling and automation.
Qualifications & Experience
- 4+ years of hands-on experience in security engineering, product security, or infrastructure security roles (cloud, DevSecOps, identity, endpoint, and compliance).
- Hands-on AWS security: encryption, IAM/least privilege, monitoring (GuardDuty/Config/CloudTrail).
- DevSecOps automation in GitHub/CI/CD: scanning, vulnerability management, secure SDLC.
- Okta + Google Workspace security administration (MFA, roles, access governance).
- Endpoint security deployment and compliance monitoring (CrowdStrike/SentinelOne or similar).
- SOC 2 Type 1 readiness: controls, documentation, evidence, audit coordination.
- Incident response and root cause analysis; strong collaboration and documentation skills.
- Strong communication and leadership skills, with experience mentoring engineers and influencing cross-functional teams.
We are committed to providing equal opportunity for qualified applicants to contract positions, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. This is a contract opportunity, not a direct employment role.
