**Description:** ---------------- We are looking for a candidate interested in growing in information security and cloud computing, with hands-on experience in production AWS environments and a focus on best practices, controls, and compliance. Technical Requirements Use of Draw.io for diagram generation. Knowledge of core AWS services. Experience with AWS Organizations and Control Tower. AWS security knowledge: IAM, KMS, CloudTrail, AWS Config, Security Hub, and GuardDuty. Basic reading and interpretation of SCPs and IAM policies (JSON). Networking fundamentals: VPC, VPN / Transit Gateway, security groups, NACLs, encryption in transit and at rest. Use of AWS CLI and CloudShell. Basic knowledge of Git and familiarity with CI/CD pipelines. Desirable: familiarity with Terraform or AWS CDK. Desirable: experience with tools such as TrendMicro, CrowdStrike, and/or CyberArk. Responsibilities Execute hardening and secure configuration tasks in AWS based on baselines such as CIS, NIST, or internal controls. Support identity and access management: user onboarding/offboarding, roles, policies, MFA, and least privilege best practices. Support network security: review of VPCs, subnets, routes, egress/ingress rules, and basic troubleshooting. Implement and validate encryption controls: KMS, S3 encryption, EBS encryption, RDS encryption, TLS, and ACM. Operate and maintain logging and detection services: CloudTrail, AWS Config, GuardDuty, Security Hub, and CloudWatch. Execute standard remediations and document evidence. Collaborate with DevOps and Platform teams to integrate security controls into IaC and CI/CD. Maintain technical documentation such as checklists and runbooks. Automation (Junior Level) Reading and minor adjustments in Terraform or CloudFormation. Basic scripting in Python or Bash. Basic use of Git and understanding of CI/CD pipelines.