AWS Cloud Security Engineer San Francisco, CA (remote)

Swish Analytics is a sports analytics, betting and fantasy startup building the next generation of predictive sports analytics data products. We believe that oddsmaking is a challenge rooted in engineering, mathematics, and sports betting expertise; not intuition. We're looking for team-oriented individuals with an authentic passion for accurate and predictive real-time data who can execute in a fast-paced, creative, and continually-evolving environment without sacrificing technical excellence. Our challenges are unique, so we hope you are comfortable in uncharted territory and passionate about building systems to support products across a variety of industries and consumer/enterprise clients.

Job Description - This position is 100% Remote

Key Responsibilities:

1. 5-8 years of hands-on experience in AWS Security:

• Strong knowledge of IAM (roles, policies, least privilege)
• Experience with AWS security services (e.g., GuardDuty, Security Hub, Inspector, Macie, KMS, CloudTrail, WAF, Shield)
• Familiarity with VPC security, subnet segmentation, NACLs, and security groups
• Familiarity with security and logging tools such as BurpSuite, OWASP ZAP, CrowdStrike, Datadog, etc.
• Deep understanding of AWS Well-Architected Framework, especially the Security Pillar
• Experience implementing and maintaining cloud security posture management (CSPM) tools and frameworks
• Proficient in Infrastructure-as-Code (IaC) using tools such as Terraform, CloudFormation, or AWS CDK
• Experience managing infrastructure and security policies through Git repositories
• Integrating security tools into CI/CD pipelines (e.g., Snyk, Checkov, Trivy, SonarQube)
• Automating compliance and security checks
• Experience with Github
• Container security best practices (ECR, ECS, EKS, etc.)
• Kubernetes and container security expertise:
• Knowledge of network policies, RBAC, Pod Security Standards, and runtime security
• Proficiency with scripting languages like Python, Bash, or PowerShell for automation and security tooling
• Experience with security incident response in AWS environments, including detection, analysis, and mitigation

Certifications (Preferred but not required):

• AWS Certified Security – Specialty
• AWS Certified Solutions Architect – Associate or Professional
• Certified DevSecOps Professional (e.g., DevSecOps Foundation)
• GIAC Cloud Security Automation (GCSA) or similar
• Certified Kubernetes Security Specialist (CKS)

Soft Skills:

• Strong problem-solving and analytical skills
• Ability to work cross-functionally with developers, cloud engineers, and security teams
• Clear communication skills with both technical and non-technical stakeholders
• Self-starter mindset with the ability to work in a fast-paced, agile environment

Swish Analytics is an Equal Opportunity Employer. All candidates who meet the qualifications will be considered without regard to race, color, religion, sex, national origin, age, disability, sexual orientation, pregnancy status, genetic, military, veteran status, marital status, or any other characteristic protected by law. The position responsibilities are not limited to the responsibilities outlined above and are subject to change. At the employer’s discretion, this position may require successful completion of background and reference checks.