Lead Cloud Security Engineer

Our client is an innovative biotechnology company leveraging AI-driven drug discovery to advance cancer research and treatment. Their platform integrates high-throughput screening, machine learning, and computational biology to accelerate the development of life-saving therapies.

As part of the security team, this role is critical in safeguarding cloud infrastructure, AI-driven research, and highly sensitive biomedical data. They are looking for a Cloud Security Engineer to strengthen security controls, enforce Zero Trust Architecture, and automate security processes within a dynamic biotech environment.

The Opportunity

This role will be responsible for securing AWS cloud environments, ensuring compliance with security best practices, and collaborating with teams across DevOps, AI research, and security operations. The ideal candidate will have hands-on experience with cloud security, automation, and compliance frameworks, with a deep understanding of modern security threats and mitigation strategies.

Key Responsibilities

Cloud Security & Infrastructure Protection

• Secure AWS environments, including IAM, VPCs, S3, EC2, Lambda, and Kubernetes.
• Implement and maintain Zero Trust Architecture, enforcing segmentation and access controls.
• Manage encryption, key management, and security vaults with AWS KMS.

Threat Detection & Incident Response

• Monitor security platforms such as Lacework, AWS Security Hub, and Sumo Logic for potential threats.
• Conduct penetration testing and vulnerability scanning to proactively identify risks.
• Develop and execute incident response protocols to mitigate security breaches.

Security Automation & DevSecOps

• Integrate security controls into CI/CD pipelines to enforce infrastructure-as-code (IaC) security best practices.
• Automate security workflows using Terraform, AWS CLI, Python, Bash, or Go.
• Secure containers and Kubernetes environments (EKS, Docker) to strengthen cloud-native security.

Compliance & Governance

• Ensure compliance with ISO 27001, NIST, SOC 2, and other industry security frameworks.
• Partner with external security vendors and Managed SOC teams to conduct audits and assessments.
• Implement SSO, Zero Trust security models, and network segmentation strategies.

Who You Are

• 5 years of experience in cloud security, with a strong focus on AWS security.
• Strong knowledge of IAM, VPC security, encryption practices, and network segmentation.
• Hands-on experience with threat detection tools such as Lacework, AWS Security Hub, and Sumo Logic.
• Deep understanding of Zero Trust Architecture and modern cloud security frameworks.
• Expertise in DevSecOps workflows, infrastructure-as-code security (Terraform, CloudFormation, Ansible, or Pulumi).
• Proficiency in security automation scripting (Python, Bash, Go, AWS CLI).
• Familiarity with compliance frameworks such as ISO 27001, NIST, and SOC 2.

Preferred Certifications

• AWS Certified Security – Specialty
• Palo Alto Networks Certified Cybersecurity Associate (PCCSA) or Professional (PCNSA)
• Cisco Certified CyberOps Associate or Professional

Bonus Skills

• Experience in biotech, healthcare, or AI-driven environments.
• Familiarity with AI security risks and automation vulnerabilities.
• Experience securing high-performance computing (HPC) environments for AI workloads.
• Container security expertise (Kubernetes, Docker, AWS EKS).