Cloud Security Engineer Location: Fountain Valley, California Compensation: Base salary range negotiable + eligible for performance-based incentives Job Description We are seeking a proactive and skilled Cloud Security Engineer to design, implement, and manage security controls and best practices within our cloud environment, with a primary focus on AWS. This role is critical to protecting cloud infrastructure, applications, and data by leveraging a wide range of security tools and platforms, including CWPP, CSPM, Firewall, and Database Access Control (DAC) solutions. Key Responsibilities Cloud Security Posture Management (CSPM): Configure, monitor, and manage AWS security services (e.g., AWS Config, Security Hub, GuardDuty) to ensure compliance and detect misconfigurations. Cloud Workload Protection (CWPP): Secure workloads such as containers, VMs, and serverless functions using CWPP solutions. Network & Web Application Firewalls: Design, deploy, and maintain security policies/rules on Cloud Firewall and WAF to mitigate threats and exploits. Incident Response: Investigate incidents, perform root cause analysis, and drive remediation efforts. Automation: Build and maintain security automation scripts/tools (Python, Bash, PowerShell) to streamline operations. Vulnerability Management: Conduct vulnerability scanning/penetration testing; partner with teams to remediate. Policy & Compliance: Define and enforce security policies, standards, and best practices for regulatory frameworks (SOC 2, ISO 27001). Access Management: Manage IAM policies, roles, and accounts to enforce least privilege, including DAC tools like ChakraMax. Threat Modeling: Contribute to architecture reviews and integrate security early in solution design. Qualifications Required: 3+ years in a dedicated cloud security role. Strong knowledge of AWS security services (IAM, Security Hub, GuardDuty, Config, Firewall, WAF, Inspector). Hands-on experience with CWPP, CSPM, and DAC tools (e.g., ChakraMax). Proficiency in scripting and automation (Python, CloudFormation, Terraform). Solid networking and security protocol expertise. Familiarity with OWASP Top 10 vulnerabilities. Strong problem-solving, communication, and collaboration skills. Bilingual Korean. Preferred: AWS Certified Security – Specialty or relevant certifications (CISSP, CCSP). Experience with container security (Docker, Kubernetes). Familiarity with CI/CD security practices and DevSecOps. Background in large-scale, enterprise-level cloud environments. Why Join As a Cloud Security Engineer, you’ll have the opportunity to: Implement security at scale across advanced AWS environments. Lead proactive defense efforts through automation, scripting, and vulnerability management. Collaborate with engineering and compliance teams to meet high standards (SOC 2, ISO 27001). Shape secure-by-design architectures through active involvement in threat modeling. Work in a high-impact environment where security drives innovation. **Pay Details:** $120,000.00 to $150,000.00 per year Equal Opportunity Employer/Veterans/Disabled To read our Candidate Privacy Information Statement, which explains how we will use your information, please navigate to https://uat.adecco.com/en-us/candidate-privacy The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable: + The California Fair Chance Act + Los Angeles City Fair Chance Ordinance + Los Angeles County Fair Chance Ordinance for Employers + San Francisco Fair Chance Ordinance **Massachusetts Candidates Only:** It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.