Senior AWS Security & Compliance Engineer.

Reporting to the VP, Information Technology and Security, the Sr. AWS Cloud Governance & Compliance Engineer is responsible for overseeing the governance and cost-management program for multiple AWS accounts and all SaaS tools used by Production Engineering to support Cofense PhishMe, Triage, and other SaaS offerings and customer-facing services.

Essential Duties/Responsibilities

• Design, develop, and operate tools and processes that monitor and measure infrastructure spending for Cofense, Phishme, Triage, and other SaaS and other service offerings.
• Collaboratively engage across and with multiple production engineering and development teams to develop, implement, enforce, and socialize cloud security and governance guidelines that conform to AWS and industry best practices.
• Deep knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS, S3, etc.) especially for analyzing infrastructure data for SaaS based offerings.
• Ability to work cross-functionally across infrastructure, finance, IT, and engineering teams to manage and reduce IaaS, SaaS, and PaaS spending over time and to adapt to the needs of the business.
• Design, implement, and maintain secure AWS architectures following AWS Well-Architected Framework security principles.
• Implement and manage AWS security services, including:
  • AWS IAM
  • AWS Security Hub
  • AWS GuardDuty
  • AWS Config
  • AWS CloudTrail
  • AWS WAF
  • AWS KMS
• Ensure secure configuration of VPCs, security groups, network ACLs, and private networking.
• Implement least privilege access models using IAM policies and roles.
• Other duties as assigned.

Compliance & Governance

• Ensure AWS environments meet internal security standards and external regulatory requirements.
• Support compliance with frameworks such as:
  • ISO 27001
  • SOC 2
  • FedRAMP
  • CIS AWS Benchmarks
  • NIST
• Maintain and monitor AWS Config rules and compliance dashboards.
• Assist with security audits, risk assessments, and remediation plans.

Monitoring & Incident Response

• Monitor cloud environments for security threats and vulnerabilities (CVE's using AWS Tooling).
• Investigate alerts generated by security tooling.
• Support incident response and forensic analysis for cloud security events.
• Maintain logging and monitoring using tools such as:
  • CloudWatch
  • CloudTrail
  • Security Hub

Education and/or Experience:

• US Citizenship - related to FedRamp
• Bachelor's Degree and/or industry-recognized security certifications preferred.
• Minimum of 6 to 8 years IT Infrastructure experience with a strong background in information security, compliance, or incident response in large enterprise environments.
• Minimum of 4- 6 years AWS experience.
• Experience building, using, and optimizing, SaaS-based cloud spending tools to track Cloud resource utilization.
• Experience using system and infrastructure monitoring tools such as Graphite, Grafana, and/or DataDog to measure and monitor system and application utilization.
• Strong track record of reducing and optimizing AWS spending in large AWS Environments with dozens (or more) accounts and 1000s to 10,000s of compute and data resources.
• Previous resource or project management experience in mid to large-Enterprises working across multiple departments drive to effectively drive process improvements.
• Past experience working as part of distributed, remote-first engineering team.

- Disclaimer-

The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.

Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.

Client-provided location(s): Flexible / Remote

Job ID: cofense-SENIO002096

Employment Type: FULL_TIME

Posted: 2026-03-24T19:57:15