Security Engineer ( AWS Expert) - DevSecOps
Job Description:
Senior Security Engineer (AWS Expert)
English C1 required
Contractor position
We are looking for a Senior Security Engineer to help build and mature the security function of a growing, consumer-facing technology platform.
This is a hands-on role for someone who enjoys strengthening application and cloud security, improving threat detection capabilities, and embedding secure practices across engineering and infrastructure. You will work closely with technical leadership and development teams to help shape a scalable, modern security program with direct impact on the product and the organization’s overall security posture.
What you’ll do
Application & Platform Security
Conduct security reviews and threat modeling for new product features
Partner with engineering teams to integrate secure development practices into the SDLC
Improve vulnerability management processes and security scanning coverage
Support the implementation and optimization of tools such as SAST and dependency scanning
Promote security best practices across product and infrastructure environments
Security Operations & Threat Detection
Manage and fine-tune the Web Application Firewall (WAF)
Monitor logs, alerts, and telemetry to identify suspicious or malicious activity
Investigate and respond to security incidents
Improve detection, logging, and alerting across the platform
Help strengthen operational security processes and incident response readiness
Identity & Access Management
Drive the implementation of SSO and centralized identity management
Design and enforce least-privilege access controls
Establish RBAC policies and support periodic access reviews
Contribute to MFA and broader identity security initiatives
Security Strategy & Program Development
Help define and evolve the company’s security roadmap
Establish measurable security KPIs and reporting practices
Evaluate and recommend tools, controls, and process improvements
Collaborate with leadership on security and privacy-related initiatives
Support the implementation of MDM solutions such as Jamf, Kandji, Intune, or similar
Provide ad hoc support for day-to-day security tooling and IT/security operations, including provisioning and CI/CD-related access management
What we’re looking for
Required
5+ years of experience in Security Engineering, SecOps, AppSec, or DevSecOps
Strong experience securing AWS cloud environments
- Hands-on experience with AWS-native security services, including:
IAM
GuardDuty
Security Hub
CloudTrail
CloudWatch
Detective
Inspector
KMS
Secrets Manager
Certificate Manager
Strong understanding of web application security and the OWASP Top 10
Experience managing and tuning Web Application Firewalls (WAF)
Experience with security monitoring, threat detection, and incident response
Experience conducting application security reviews and threat modeling
Familiarity with identity and access management, including SSO, RBAC, and MFA
Ability to integrate security tooling into engineering workflows and CI/CD pipelines
Nice to have
Experience building or scaling security programs in growing organizations
Experience supporting consumer-facing or high-traffic platforms
Familiarity with compliance and security frameworks such as SOC 2, ISO 27001, or similar
Exposure to privacy-related security requirements such as GDPR
Scripting or automation experience with Python, Bash, Go, or similar languages
Why this role
This is an opportunity to join a growing environment where security is becoming a strategic priority. You’ll have the chance to influence architecture, processes, and tooling from an early stage while working closely with engineering and leadership teams.
If you enjoy building practical, scalable security solutions and want to make a visible impact, this role could be a great fit.
About the customer : They provide a map-based, real-time social connection platform, primarily oriented toward adult users in the LGBTQ+ community.