Cloud Security Engineer (AWS or GCP)

Job Title: Cloud Security Engineer (AWS or GCP)

Client: American Express (AMEX)

Job Description:

We are seeking a Cloud Security Engineer to join the Strategy and Cloud Governance Team at a leading financial enterprise. This team is focused on enhancing the security posture of the organization's public cloud infrastructure — primarily AWS and GCP.

In this role, you will not necessarily configure resources hands-on, but you must have a strong understanding of cloud security principles, service configurations, IAM policies, and the shared responsibility model. You will be responsible for Service Certification, evaluating AWS/GCP services to determine alignment with best practices and internal security standards.

You will work closely with Cloud Engineers and Architects to define, review, and enforce security policies and controls through Infrastructure as Code (IaC) and policy-as-code tools within a CI/CD environment.

Key Responsibilities:

Analyze AWS and GCP service offerings to identify best practices and ensure service certification compliance.

Define and enforce security policies using Terraform Sentinel and Rego.

Collaborate with Cloud Engineers implementing security controls through Terraform, GitHub, and CI/CD tools.

Ensure alignment with corporate standards and cloud governance policies.

Understand and help manage SCPs, IAM policies, and cloud resource configurations.

Contribute to the backlog management of cloud service certifications.