About the role
Role Overview
Echo is seeking a Principal Cloud Security Engineer to build secure-by-default AWS platform patterns across a growing multi-account environment. This is a senior hands-on engineering role for someone who approaches security as a software and platform problem.
What You Will Do
Design and implement secure-by-default AWS account, organization, and baseline guardrail patterns across multi-account environments. Build and maintain reusable Terraform modules, policy-as-code, and infrastructure delivery patterns that prevent high-risk actions, reduce drift, and improve traceability.
Why It Might Be a Fit
The ideal candidate is equally comfortable with cloud infrastructure, modern application architectures, and developer workflows, and can work credibly across Security, Platform Engineering, Architecture, and software teams.
Requirements
- 8+ years software engineering, platform engineering, SRE, infrastructure engineering, or cloud security
- Strong hands-on experience in AWS security engineering in multi-account environments
- Deep experience with infrastructure-as-code, especially Terraform, including reusable modules and tested patterns.
- Strong software engineering or platform engineering background; ability to write production-quality code in at least one modern language such as C#, Go, Python, Java, or TypeScript
- Experience with policy-as-code, preventive guardrails, configuration governance, or cloud-native policy enforcement
- Hands-on experience securing Kubernetes/EKS and serverless patterns in AWS
- Experience building detective and preventive controls for cloud logging, monitoring, and control plane integrity.Benefits
- bonus
- healthcare
- PTO
- retirement
- learning budget
- parental leave
- wellness
- visa/relocation
- remote flexibility