← all jobs

[Remote] Cloud Security Engineer - Cloud Cert; CISSP/GIAC EAST COAST ONLY Job Details | Volkswagen AG

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. Volkswagen Financial Services is focused on developing fully autonomous mobility and transportation services. As a Senior Cloud Security Engineer, you will lead the strategy, design, and implementation of AWS security capabilities, ensuring the protection of complex, distributed systems and high-value assets related to autonomous vehicle development.

Responsibilities

  • Lead the design and evolution of secure AWS architectures across services such as Amazon VPC, Amazon EC2, Amazon EKS, and AWS Lambda
  • Define and enforce enterprise-wide security standards for identity, network, data protection, and workload security using AWS IAM and AWS KMS
  • Architect scalable, secure multi-account environments leveraging AWS best practices (e.g., landing zones, guardrails)
  • Evaluate and introduce new security technologies and frameworks to enhance cloud security posture
  • Drive security-by-design principles across all cloud and platform engineering initiatives
  • Lead threat modeling, secure architecture reviews, and risk assessments for complex, distributed systems
  • Establish and mature secure SDLC practices, integrating security into CI/CD pipelines at scale
  • Oversee code reviews, security testing (SAST/DAST), and vulnerability management processes
  • Ensure adherence to standards such as OWASP Top 10 and CWE/SANS Top 25
  • Mentor engineering teams on secure coding, architecture patterns, and cloud-native security practices
  • Lead enterprise vulnerability management strategy across cloud infrastructure and applications
  • Perform advanced threat-centric assessments to identify systemic risks and architectural weaknesses
  • Prioritize remediation efforts based on business impact and threat intelligence
  • Ensure compliance with internal policies and external frameworks (e.g., SOC 2, ISO 27001, NIST)
  • Partner with audit and compliance teams to streamline evidence collection and control validation
  • Design and mature cloud detection and response capabilities using tools such as Amazon GuardDuty, AWS Security Hub, Amazon CloudWatch, and AWS CloudTrail
  • Develop advanced detection rules, automate response workflows, and improve alert fidelity
  • Lead and coordinate incident response for high-severity security events
  • Conduct post-incident reviews and drive long-term remediation and resilience improvements
  • Act as a strategic liaison between Security, DevOps, Platform, and Engineering leadership
  • Influence architectural decisions and drive adoption of security best practices across teams
  • Lead security initiatives, roadmap planning, and cross-functional projects
  • Develop and deliver advanced security training and awareness programs
  • Mentor junior engineers and contribute to building a strong security engineering culture

Skills

  • 7 - 9 years of experience in technical aspects of cloud, applications, web or mobile
  • 5+ years of experience in IT security function
  • B.S. in Information Technology, Computer Science or equivalent work experience
  • Exceptional communication skills
  • Problem solving skills
  • Analytical skills
  • Conceptual thinking skills
  • Integration - joining people, processes, systems
  • Excellent presentation and writing skills
  • Experience with cross-functional collaboration
  • Ability to build and maintain strong ties in a multicultural environment
  • Strong customer orientation
  • Advanced hands-on experience with SIEM platforms for real-time monitoring, threat detection, and incident response, including: Splunk, Elastic Stack (ELK), or Sumo Logic
  • Designing and implementing SIEM integrations with cloud-native services and Kubernetes environments
  • Developing log aggregation strategies, correlation rules, and alerting mechanisms to detect misconfigurations, anomalous behavior, and unauthorized access
  • Deep expertise in Infrastructure-as-Code (IaC) with a strong emphasis on scalable and secure design: Terraform (strongly preferred), AWS CloudFormation, AWS CDK
  • Proven ability to enforce security guardrails and policy-as-code within IaC pipelines
  • Extensive experience with cloud-native security platforms and posture management tools, such as: Wiz, Prisma Cloud, AWS: AWS Security Hub, Amazon GuardDuty, AWS Config, Azure: Microsoft Defender for Cloud, Microsoft Sentinel, GCP: Security Command Center, Forseti Security
  • Strong architectural knowledge of cloud security fundamentals, including: Identity and Access Management (IAM) models (RBAC/ABAC) and least-privilege enforcement, VPC architecture, network segmentation, security groups, flow logs, and private endpoints, Encryption standards (TLS), key management (KMS), and secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager)
  • Expertise in container and Kubernetes security, including: Pod security controls (Pod Security Policies, Pod Security Standards) and runtime security (e.g., Falco), Policy-as-code frameworks such as Open Policy Agent (OPA)/Gatekeeper, Kyverno, or KubeArmor, Secure image scanning and software supply chain security tools (e.g., Trivy, Grype, Snyk)
  • Proven leadership in DevSecOps practices, including: Designing and implementing automated security testing, validation, and remediation within CI/CD pipelines, Driving secure-by-design principles across engineering teams
  • Experience conducting cloud security assessments and audits, with the ability to: Identify risks, gaps, and misconfigurations, Deliver actionable remediation guidance aligned with compliance frameworks and incident response strategies
  • Strong communication and cross-functional collaboration skills, with experience influencing engineering, DevOps, and platform teams
  • Masters in Information Technology, Computer Science (or related education)
  • Relevant cloud certifications, such as: AWS, Azure, or GCP Professional/Specialty certifications
  • Industry-recognized security certifications, including: CISSP, GIAC, or equivalent advanced security credentials
  • Nice-to-have domain expertise in areas such as data telemetry, V2X communications, or OTA infrastructure

Company Overview

  • Volkswagen Financial Services has been helping drivers around the world with their journey to owning a new Volkswagen. It is a sub-organization of Volkswagen Group. It was founded in 1955, and is headquartered in Herndon, Virginia, USA, with a workforce of 10001+ employees. Its website is https://www.vwfs.com/.
  • More open positions

    [Remote] Financial Analyst - Performance Operations Job Details | Volkswagen AG

    Work from home Full-time role

    [Remote] Senior Data Engineer - DevOps

    Work from home Full-time role

    [Remote] Senior Front-End Developer

    Work from home Full-time role

    [Remote] Claims Business Consultant – Healthcare

    Work from home Full-time role

    [Remote] CyberArk Devops Engineer with Conjur

    Work from home Full-time role

    VIRTUAL/DISTANCE LEARNING PARAPROFESSIONAL

    Work from home Full-time role

    Scientific/Medical Writer

    Work from home Full-time role

    Medical Interpreter ( Karennie <> English ) 100% Remote

    Work from home Full-time role

    Faculty Affairs Administrator 2 (Remote Opportunity)

    Work from home Full-time role

    Event & Travel Coordinator – Work From Home

    Work from home Full-time role

    Senior Manager, Advisory Services - Government Pricing

    Work from home Full-time role

    (Entry-Level / No Experience Required) Remote Part-Time Data Entry Clerk – Accuracy-Focused Information Management & Administrative Support Opportunity with careerzynith

    Work from home Full-time role

    Junior Regional Account Manager - Manaus, Amazonas, Brasil

    Work from home Full-time role

    Senior Full Stack Developer (React, Node.js, JS & CSS)

    Work from home Full-time role

    Head of Accounting, Germany

    Work from home Full-time role

    [Hiring] Intake Specialist @Greenberg Gross LLP

    Work from home Full-time role

    Senior Specialist, Human Resources

    Work from home Full-time role

    Senior DevOps Engineer - Azure

    Work from home Full-time role

    Vietnamese Onsite Interpreter

    Work from home Full-time role

    Remote Telecommunications Project Manager

    Work from home Full-time role

    Experienced Entry-Level Aviation Professional – Southwest Airlines Remote Work From Home Part-Time Position in Aircraft Wiring and Electrical Systems

    Work from home Full-time role