Cloud Security Engineer

About this role

Description:

Tyto Athene is hiring a Cloud Security Engineer to join our team of cloud, security, and compliance experts. This role is primarily focused on day-to-day security engineering, including system hardening, vulnerability remediation, cloud operations, and security tool management across AWS environments supporting federal and commercial customers. Engineers may also support GCP and Azure environments as needed.

In addition to regular business-hours responsibilities, engineers participate in a structured after-hours 24×7 on-call rotation (primary or backup) to support response to incidents, alerts, and escalations for customers operating under FedRAMP, FISMA, and NIST 800-53 frameworks.

Responsibilities:

• Perform systems administration and maintenance including patching, vulnerability scanning, compliance scanning and remediation, backups, and recovery for cloud workloads.
• Primarily support AWS environments, including Windows and Linux virtual machines, container workloads, and cloud-native services such as EC2, EBS, S3, RDS, EKS, ECS, IAM, CloudTrail, GuardDuty, Security Hub, WorkSpaces, and related AWS security services.
• Support GCP and Azure cloud environments as needed, including compute, storage, identity, and containerized workloads.
• Configure, update, and maintain security tools for endpoint protection, log collection, vulnerability scanning, compliance monitoring, and cloud security posture management (CSPM).
• Troubleshoot issues across network, compute, application, and identity layers by reviewing logs, collecting data, and analyzing system behavior.
• Implement hardening and compliance controls using CIS Benchmarks, DISA STIGs, and FedRAMP requirements.
• Remediate vulnerabilities identified by tools such as Tenable, Trivy, OpenSCAP, Anchore, Prisma Cloud/Twistlock, and similar security platforms.
• Provide quality assurance feedback during system deployments to ensure architecture meets compliance and operational requirem...