Responsibilities

Develop playbooks and address security-related tasks in AWS serverless environments.
Drive improvements in broader security posture, including application security, endpoint security, access management/just-in-time access, email and web gateways, browser security, and data loss prevention.
Collaborate with product engineering teams to raise security standards, supporting CI/CD pipelines, dependency management, and secure application design reviews.
Secure and improve AWS organization using infrastructure as code (CDK), enforcing security controls, and ensuring strong tenant isolation.
Continuously assess vulnerabilities and perform regular risk assessments.

Requirements

4+ years of experience in engineering, working as a security engineer or in security-adjacent roles.
Familiarity with compliance frameworks such as SOC, HIPAA, and/or HITRUST.
4+ years working with AWS services, including compliance and governance services like AWS Organizations, AWS CloudTrail, AWS Config, Security Hub, and GuardDuty.
Proficiency in TypeScript.
Ability to prioritize work based on business and customer needs.
High bandwidth; thoughtful attention to many areas simultaneously.
Ability to context switch as priorities shift.
Philosophical alignment with Stedi Standards and Unwritten laws of engineering.