Cloud Security Engineer AWS

Cloud Security Engineer AWS

We’ve learned that scammers are impersonating Commvault team members—including HR and leadership—via email or text. These bad actors may conduct fake interviews and ask for personal information, such as your social security number. What To Know: Commvault does not conduct interviews by email or text. We will never ask you to submit sensitive documents (including banking information, SSN, etc) before your first day. If you suspect a recruiting scam, please contact us at wwrecruitingteam@commvault.com

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

The Opportunity

The Cloud Security Engineer AWS will play a critical role in securing the organization’s public cloud environments, with a primary focus on Amazon Web Services (AWS). This is a hands-on engineering position that combines cloud security operations with security enablement. The engineer will partner with internal teams that leverage AWS but may lack deep cloud security expertise, acting as a Cloud Security Subject Matter Expert (SME) to provide guidance, implement controls, and help teams adopt secure configurations. This role requires strong knowledge of AWS security services and concepts, as well as foundational security principles, to ensure the organization’s cloud deployments are safe, compliant, and resilient.

What You’ll Do…

• Cloud Security Operations
• Implement and maintain security controls in AWS environments, including AWS Security Hub, GuardDuty, and AWS Config.
• Work to define and deploy unified security controls across AWS accounts and organizational units, ensuring consistency and compliance.
• Serve as a Cloud Security SME to educate and guide internal teams on how to respond to their own security alerts and incidents in AWS.
• Security Enablement & Guidance
• Partner with application and infrastructure teams to teach AWS security best practices and help them adopt secure configurations.
• Support secure deployment patterns for: Identity and Access Management (IAM roles, policies, MFA, AWS SSO), Network Security (VPC design, Security Groups, NACLs, AWS Firewall Manager), Encryption and Key Management (AWS KMS, Secrets Manager).
• Assist teams in implementing AWS Organizations, Service Control Policies (SCPs), and Config Rules for compliance and governance.
• Architecture & Compliance Support
• Contribute to the development of secure design patterns for AWS services.
• Ensure adherence to organizational security standards and regulatory requirements.
• Support security automation initiatives using AWS-native tools and Infrastructure-as-Code (Terraform, CloudFormation).
• Continuous Improvement
• Stay current on emerging AWS security features and threat trends.
• Recommend improvements to security posture based on lessons learned and industry best practices.

Who you are?

• 2–4 years of experience in information security or cloud engineering, with at least 1–2 years working with AWS.
• Strong understanding of core security principles (identity, access control, encryption, network security).
• Hands-on experience with AWS security services, including: AWS Security Hub, GuardDuty, AWS Config, IAM security best practices.
• Ability to collaborate and communicate effectively with cross-functional teams.
• Hands-on experience configuring, integrating, and operating leading cloud security tools such as CrowdStrike, Wiz, Prisma Cloud, or similar solutions for threat detection, posture management, and compliance.

Preferred

• Certification such as AWS Certified Security – Specialty or AWS Solutions Architect Associate.
• Experience with Infrastructure-as-Code (Terraform, CloudFormation) for secure deployments.
• Exposure to DevSecOps practices and CI/CD pipeline security.

You’ll love working here because...

• Continuous professional development, product training, and career pathing.
• Annual health check-ups, Tuition Reimbursement.
• An inclusive company culture, an opportunity to join our Community Guilds.
• Personal accident cover and Term life cover.

Key skills/competency

• AWS Cloud Security
• Identity and Access Management (IAM)
• Network Security
• Encryption & Key Management (KMS)
• AWS Security Hub
• AWS GuardDuty
• AWS Config
• Infrastructure-as-Code (IaC)
• DevSecOps
• Compliance & Governance