Cloud and Data Security

Tech3pillars Technologies

NULL, VA

JOB DETAILS
SKILLS
Amazon Elastic Compute Cloud (EC2), Amazon Simple Storage Service (S3), Amazon Web Services (AWS), Analysis Skills, Benchmarking, Best Practices, Business Intelligence, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Computer Security, Cross-Functional, Cryptography, Data Analysis, Data Management, Documentation, FIPS (Federal Information Processing Standards) 140, HIPAA (Health Insurance Portability and Accountability Act), Identity Data Management, Information/Data Security (InfoSec), Leadership, Maintain Compliance, Metrics, Microsoft Access Database, Microsoft Product Family, Microsoft Windows Azure, Network Security, Onboarding, Policy Implementation, Power BI, Private Security, Problem Solving Skills, Protective Services, Requirements Management, Risk Management, SSL-TLS (Secure Socket Layer - Transport Layer Security), Security Architecture, Security Design, Security Monitoring, Single Sign-On (SSO), Software Engineering, Team Player, Traceability
LOCATION
NULL, VA
POSTED
1 day ago

Below is the detailed JD

Role: Cloud and Data Security Engineer

Overview:
We are seeking a highly skilled Cloud & Data Platform Security Engineer to design, implement, and govern security controls for AWS and Databricks environments that enable secure data analytics and reporting in Microsoft Power BI. This role will focus on identity and access management (IAM), compliance, security monitoring, and configuration hardening across cloud and data platforms.

Key Responsibilities

Identity & Access Management (IAM) Implementation & Governance

  • Design and enforce RBAC/ABAC policies, SCIM provisioning, and SSO/MFA for Databricks workspaces.
  • Manage identity lifecycle, including onboarding/offboarding and periodic access reviews.
  • Integrate Databricks and AWS services with enterprise IAM solutions (e.g., Azure AD, Okta).
  • Implement AWS IAM roles, policies, and permission boundaries for secure data access.
  • Ensure secure integration between AWS, Databricks, and Microsoft Power BI for reporting.

Security Architecture & Design

  • Develop and maintain security architecture for AWS and Databricks environments supporting Power BI analytics.
  • Design secure data pipelines and enforce encryption in transit and at rest across AWS S3, Databricks, and Power BI.
  • Implement network security controls (VPC, security groups, private endpoints) for AWS and Databricks connectivity.

Requirements Gathering & Documentation

  • Lead requirements gathering sessions with stakeholders to define security needs for AWS, Databricks, and Power BI integrations.
  • Document security requirements, architecture diagrams, and implementation plans.
  • Maintain detailed security design documentation and update as environments evolve.
  • Ensure traceability between business requirements and implemented security controls.

Security Monitoring & Incident Response

  • Investigate and respond to IAM-related and platform security incidents and defects

Compliance & Risk Management

  • Ensure adherence to SOC 2, HIPAA, GDPR, and internal security standards across AWS and Databricks.
  • Implement data governance policies for sensitive data used in Power BI reporting.

Configuration & Hardening

  • Apply Databricks Security Profile features (CIS-hardened images, FIPS 140 encryption, TLS 1.2+).
  • Validate secure cluster configurations and enforce encryption policies in Databricks and AWS.
  • Harden AWS services (EC2, S3, IAM) following CIS benchmarks and best practices.

Collaboration & Reporting

  • Partner with data engineering, BI, and cloud teams to implement security best practices.
  • Provide security posture reports and IAM metrics to leadership.
  • Support secure integration of Power BI with AWS and Databricks for enterprise reporting.

Qualifications

Education & Experience

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
  • 8+ years of experience in cloud security engineering, with a focus on AWS and data platforms.
  • Hands-on experience securing Databricks environments and integrating with enterprise IAM solutions.

Technical Skills

  • Strong knowledge of AWS security services (IAM, KMS, CloudTrail, GuardDuty, VPC).
  • Expertise in Databricks security features, cluster hardening, and workspace governance.
  • Familiarity with Microsoft Power BI integration and secure data access patterns.
  • Proficiency in implementing RBAC/ABAC, SSO/MFA, and SCIM provisioning.
  • Understanding of encryption standards (FIPS 140, TLS 1.2+) and CIS benchmarks.

Certifications (Preferred)

  • AWS Certified Security Specialty
  • Databricks Certified Data Engineer or Security Professional
  • CISSP or CISM
  • Microsoft Certified: Power BI Data Analyst Associate (optional but a plus)

Soft Skills

  • Strong analytical and problem-solving skills.
  • Excellent communication and collaboration abilities.
  • Ability to lead requirements gathering and produce clear documentation.
  • Comfortable working in a fast-paced, cross-functional environment.

About the Company

T

Tech3pillars Technologies