Principal AWS Cloud Security Consultant- Remote (Anywhere in the U.S.)

Principal AWS Cloud Security Consultant - Remote GuidePoint Security enables Fortune 500 companies, U.S. government agencies, and other enterprise clients to enhance their security posture in cloud environments. Role Overview Lead design, assessment, and governance of secure cloud environments for clients, delivering architecture design, risk assessments, compliance mapping, and cloud-native control implementation. Mentor junior staff, contribute to internal methodologies, and support pre-sales and solutioning efforts. Responsibilities Provide oversight for delivery teams, ensuring quality, consistency, and alignment with client objectives while fostering knowledge transfer. Manage and resolve client escalations, balancing satisfaction with project scope and delivery constraints. Present findings and recommendations to executive stakeholders, lead technical workshops, and facilitate security strategy sessions. Consult as an individual contributor on engagements: design secure cloud architectures for AWS and multi-cloud environments; conduct in-depth security assessments; assist clients with continuous compliance and audit readiness; conduct AWS security workshops; prepare and present client deliverables such as roadmaps, gap analyses, and architecture diagrams. Contribute to internal methodologies, templates, and reusable assessment frameworks. Mentor junior consultants and support knowledge sharing within the consultancy. Assist with scoping and pre-sales activities, including proposals and statements of work. Collaborate with internal pre-sales teams to identify use-cases and opportunities for third-party security tooling. Requirements Minimum 5 years designing AWS architecture and operating AWS workloads at scale. Deep AWS knowledge in networking, data security, IAM, automation, and cloud-native security tooling. Knowledge of emerging security patterns for AI/ML workloads in AWS, including SageMaker, Bedrock, and data protection controls. Strong understanding of IAM patterns (RBAC, ABAC), federated access, permission boundaries, SCPs, and RCPs. Proficiency in Infrastructure as Code (Terraform, CloudFormation, CDK) and secure coding practices. Experience with CIEM, CSPM, or CWPP tools. Familiarity with DevSecOps practices and integration of security into CI/CD pipelines. Programming skills in Python, Bash, or PowerShell. Experience securing Kubernetes environments, including Amazon EKS. Preferred Minimum 2 years of experience as an internal IT or security team member (not consulting). Knowledge of the Cloud Security Alliance Cloud Control Matrix. Experience with threat modeling, risk analysis, and mapping controls to frameworks such as NIST, CIS, MITRE ATT&CK. Leadership and Collaboration Ability to lead technical workshops, discovery sessions, and architecture reviews with clients. Comfortable advising both technical and non-technical stakeholders on cloud security strategy. Skilled at producing high-quality deliverables and communicating complex concepts clearly. History of mentoring junior staff or guiding teams on cloud security best practices. Collaborative mindset with strong consulting presence and client-service orientation. Education & Certifications Bachelor's degree or equivalent experience in Cybersecurity, Computer Science, Engineering, or related field. Preferred certifications: CISSP, CCSP, CCSK; AWS Certified Security – Specialty; AWS Certified Solutions Architect – Professional; Microsoft Certified: Azure Security Engineer Associate; Google Professional Cloud Security Engineer. As set forth in GuidePoint Security's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law. J-18808-Ljbffr