Principal AWS Cloud Security Consultant- Remote (Anywhere in the U.S.)

Roles and Responsibilities:

• Provide oversight for delivery teams, ensuring quality, consistency, and alignment with client objectives while fostering knowledge transfer and consistent execution
• Manage and resolve client escalations, balancing client satisfaction with project scope and delivery constraints
• Present findings and recommendations to executive stakeholders, lead technical workshops, and facilitate security strategy sessions
• As an individual contributor, provide consulting services on customer engagements and deliver security outcomes. Tasks may include:
  • Design secure cloud architectures and reference models for AWS and multi-cloud environments
  • Conduct in-depth cloud security assessments to identify security misconfigurations, architecture and cloud operational risks, and compliance gaps
  • Assist clients with continuous compliance and audit readiness in cloud environments
  • Conduct AWS security workshops, technical interviews, and stakeholder briefings
  • Prepare and present client deliverables including security roadmaps, process improvements, gap analyses, architecture diagrams, cloud security strategies, and custom deliverables based on client needs
• Contribute to internal methodologies, templates, and reusable assessment frameworks
• Mentor junior consultants and support knowledge sharing within the consultancy
• Assist with scoping and pre-sales activities including proposals and statements of work (SOWs)
• Collaborate with internal pre-sales teams to identify use-cases and opportunities for third-party security tooling (e.g., CNAPP, secrets management, data security, cloud detection and response, NHI [Non-Human Identity], etc.)

Requirements:

Experience & Technical Proficiency

• Minimum of 5 years designing AWS architecture and operating AWS workloads at scale
• AWS knowledge must include networking, data security, identity and access management, automation, and extensive hands-on with Amazon’s cloud-native security tooling services
• Demonstrated knowledge of emerging security patterns and best practices for AI/ML workloads in AWS, including securing SageMaker environments, implementing guardrails for generative AI services (Bedrock), and applying data protection controls for model training and inference pipelines
• Strong knowledge of IAM patterns (RBAC, ABAC), federated access, permission boundaries, SCPs, and RCPs
• Proficiency in Infrastructure as Code (Terraform, CloudFormation, CDK) and secure coding practices