The Sr. AWS Cloud Governance & Compliance Engineer is responsible for overseeing the governance and cost-management program for multiple AWS accounts and all SaaS tools used by Production Engineering to support Cofense PhishMe, Triage, and other SaaS offerings and customer-facing services.
Requirements
- Design, develop, and operate tools and processes that monitor and measure infrastructure spending for Cofense, PhishMe, Triage, and other SaaS and service offerings.
- Collaboratively engage across and with multiple production engineering and development teams to develop, implement, enforce, and socialize cloud security and governance guidelines that conform to AWS and industry best practices.
- Deep knowledge of AWS Cloud Infrastructure (EC2, VPC, ELB, RDS, S3, etc.), especially for analyzing infrastructure data for SaaS-based offerings.
- Ability to work cross-functionally across infrastructure, finance, IT, and engineering teams to manage and reduce IaaS, SaaS, and PaaS spending over time and to adapt to the needs of the business.
- Design, implement, and maintain secure AWS architectures following AWS Well-Architected Framework security principles.
- Implement and manage AWS security services, including AWS IAM, AWS Security Hub, AWS GuardDuty, AWS Config, AWS CloudTrail, AWS WAF, AWS KMS.
- Ensure secure configuration of VPCs, security groups, network ACLs, and private networking.
- Implement least privilege access models using IAM policies and roles.
- Compliance & Governance: Ensure AWS environments meet internal security standards and external regulatory requirements.
- Support compliance with frameworks such as: ISO 27001, SOC 2, FedRAMP, CIS AWS Benchmarks, NIST.
- Maintain and monitor AWS Config rules and compliance dashboards.
- Assist with security audits, risk assessments, and remediation plans.
- Monitoring & Incident Response: Monitor cloud environments for security threats and vulnerabilities (CVEs, using AWS tooling).
- Investigate alerts generated by security tooling.
- Support incident response and forensic analysis for cloud security events.
- Maintain logging and monitoring using tools such as CloudWatch, CloudTrail, Security Hub.