Cloud Security Engineer

POSITION SUMMARY

NephoSec – Cloud Security is all we do!

We partner with and service the most advanced Cloud Security Tools on the market allowing us to provide an effective and innovative approach to cloud security, specializing in rapid identification of security vulnerabilities and action against those threats.

Our customers rely on us to drive success for even their most challenging cloud security goals with continuous innovation to maximize cloud investments while ensuring long-term protection and operational efficiency.

LOCATION: Grand Junction, CO / Job to be performed on-site 3-5 days per week

DUTIES & ESSENTIAL JOB FUNCTIONS

●      Work directly with customers to assess their cloud security needs, provide expert advice, and design robust cloud security architectures using AWS

●      Lead the implementation and management of CSPM tools, with specific expertise in Wiz.io. Continuously monitor the customer’s cloud posture, identify security gaps, and recommend actionable improvements.

●      Leverage your AWS knowledge to design and implement secure cloud infrastructures, focusing on security, compliance, and best practices for resource deployment, application management, and governance.

●      Use Open Policy Agent (OPA) to write and enforce custom Rego policies for security, compliance, and operational governance across cloud environments.

●      Apply your knowledge of Cloud-Native Application Protection Platforms (CNAPP) to help customers implement secure, scalable, and highly available cloud applications on AWS.

●      Automate cloud security processes and deploy policies to enforce compliance at scale, ensuring environments remain secure while meeting regulatory and corporate requirements.

●      Collaborate with customers to identify vulnerabilities, respond to incidents, and implement preventive measures to minimize security risks in cloud infrastructures.

●      Act as a security escalation point, assisting customers with troubleshooting complex security issues and providing guidance on remediation.

●      Educate customers on cloud security best practices, recommend solutions, and provide hands-on support for securing cloud workloads.

●      Document cloud security configurations, policies, and best practices for internal teams and customers, ensuring compliance with industry standards.

QUALIFICATIONS

●      Solid understanding of cloud security principles, risk management, and security best practices for cloud environments, particularly within AWS.

●      Extensive experience with CSPM/CNAPP solutions, specifically Wiz.io, for proactive cloud security posture management.

●      Strong experience in developing and implementing OPA Rego policies to enforce security and compliance controls across cloud environments.

●      Hands-on experience with AWS services, including EC2, S3, IAM, VPC, Lambda, RDS, and more, with a focus on cloud security, compliance, and governance.

●      Expertise in the deployment and operations of Cloud-Native Application Protection Platforms for the protection of Cloud native services including microservices, containers, serverless computing, and Kubernetes, with a focus on secure application design and deployment.

●      Experience with the use of Version Control Systems such as Git.

●      Proven ability to communicate clearly and effectively with customers, both technical and non-technical, to solve complex cloud security challenges.

●      Strong troubleshooting skills and the ability to resolve cloud security issues and implement risk mitigation strategies effectively.

PREFERRED

●      Experience with Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or similar.

●      AWS Certified Security Specialty, AWS Certified Solutions Architect, CISSP, or other relevant cloud security certifications

●      Familiarity with container orchestration platforms (e.g., Kubernetes, Amazon ECS) and securing containerized workloads.

●      Experience with continuous integration and deployment (CI/CD) security practices.

●      Works well both in a team environment and independently

This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities that management may deem necessary from time to time.

To apply, please send your resume and a cover letter to [email protected]