WHO WE ARE:

Beyondsoft Consulting, Inc. is a leading technical solutions and consulting partner. We combine emerging technologies and proven methodologies to tailor elegant solutions that solve complex challenges and empower our customers to accelerate their business goals. For the past 25+ years we have been providing a broad range of high-quality IT services, including staff augmentation, business process outsourcing, custom software solutions, test automation, digital enablement, and other software engineering and digital transformation services.

WHAT WE’RE ABOUT:

We believe that collaboration, transparency, and accountability are the values that guide our business, our delivery, and our brand. Everyone has something to bring to the table, and we believe in working together with our peers and clients to leverage the best of one another in everything we do. When we proactively collaborate, business decisions become easier, innovation is greater, and outcomes are better.

Our ability to achieve our mission and live out our values depends upon a diverse, equitable, and inclusive culture. So, we strive to foster a workplace where people have the respect, support, and voice they deserve, where innovative ideas flourish, and where people can unleash their brilliance. For more information regarding DEI at Beyondsoft, please go to https://www.beyondsoft.com/diversity/.

The ideal candidate will bring a robust understanding of cloud security frameworks, compliance requirements, and proven hands-on experience in realizing security outcomes with cloud-native security tools and automation. You will be responsible for designing, implementing, and maintaining well engineered preventive and remediation cloud security guardrails and processes, collaborating with decentralized development and operations teams. The candidate is expected to have expertise in AWS and/or Azure cloud security engineering.

Key Responsibilities

Detect, Prevent, Remediate
Identify and assess security risks, communicate potential threats to stakeholders, and implement effective remediation strategies.
Design, implement, and maintain preventive and remediation controls across AWS and Azure.
Apply and enforce industry-standard security frameworks, including CIS Benchmarks, AWS Foundational Security Best Practices (FSBP), and Microsoft Cloud Security Benchmark (MCSB).
Track and report on the effectiveness of AWS/Azure detective controls and other 3rd parties such as Wiz.
Security Engineering Process
Develop processes and cloud policies/standards, ensuring proactive and efficient response to threats.
Assist internal teams to integrate security into CI/CD pipelines and workflows.
Contribute to the development of security automation and security posture improvements.
Compliance Management
Conduct security audits, manage cloud security documentation, and ensure ongoing compliance with industry regulations (GDPR, HIPAA, etc.).
Collaboration and Training
Work closely with cross-functional teams, including developers, architects, and operations, to implement and monitor security practices.
Empower internal teams by leading training sessions and workshops on AWS and Azure security best practices.

Technical Expertise
Strong experience in AWS and/or Azure security services and frameworks.
Hands-on experience with tools like AWS security services (IAM, Security Hub, GuardDuty, CloudTrail, CloudWatch, Config, and Automated Security Remediation) and/or Azure security services (Entra ID, Cloud Defender).
Experience in securing containers and Kubernetes configurations.
Proficiency in network security, including securing virtual networks, firewalls and governance, and subnets.
Proven experience securing cloud infrastructure, including IaaS resource patching and container image scanning.
Experience with 3rd party remediation software such as Cloud Custodian, Stacklet.
Demonstrated ability to secure and manage hybrid cloud environments.
Automation and Development
Proficient in scripting and automation using Python, Terraform, and Azure/Functions or AWS/Lambda.
Experience with Infrastructure as Code (IaC) tools such as Terraform.
Develop and implement policy-as-code solutions using tools such as GitHub Copilot and AWS Code Whisperer.
Compliance Knowledge
Experience ensuring compliance with GDPR, HIPAA, and cloud security frameworks such as CIS, AWS/FSBP, and Microsoft/MCSB.
DevSecOps Practices
Proven expertise embedding security controls within DevOps workflows, CI/CD pipelines, and cloud-native development processes.
Skills with GitHub/Azure-DevOps, PowerShell, Bash, AWS/Azure CLI.
Familiarity with container security in AWS/Azure environments

Preferred Certifications (Highly Valued but Not Required)

AWS Certified Security – Specialty.
AWS Certified DevOps Engineer - Professional.
Microsoft Certified: Azure Security Engineer Associate.
Microsoft Certified: DevOps Engineer Expert.
CISSP, CCSP, or equivalent industry certifications.

💡 Having one or more of these certifications will give you a competitive edge!

Soft Skills

Strong analytical mindset with the ability to assess complex security challenges and drive innovative solutions.
Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
Ability to work collaboratively in a federated operating model.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, or any other legally protected characteristic.