HiringCafe
Posted 3d ago

Cloud & Data Platform Security Engineer

@ The Saros Group
View All Jobs
United States
RemoteContract
Responsibilities:Design access policies, Onboard/offboard identities, Integrate IAM with data platforms
Requirements Summary:5+ years cloud security engineering; AWS and data platforms; Databricks security; IAM integration; governance and compliance.
Technical Tools Mentioned:AWS security services, Databricks security, Power BI, RBAC, ABAC, SSO, MFA, SCIM provisioning, CIS benchmarks, TLS 1.2+, KMS, VPC, S3, IAM, Databricks, Azure AD, Okta
Save
Mark Applied
Hide Job
Report & Hide
Job Description



This is a remote position.

Overview:
We are seeking a highly skilled Cloud & Data Platform Security Engineer to design, implement, and govern security controls for AWS and Databricks environments that enable secure data analytics and reporting in Microsoft Power BI. This role will focus on identity and access management (IAM), compliance, security monitoring, and configuration hardening across cloud and data platforms.

Key Responsibilities

Identity & Access Management (IAM) Implementation & Governance
  • Design and enforce RBAC/ABAC policies, SCIM provisioning, and SSO/MFA for Databricks workspaces.
  • Manage identity lifecycle, including onboarding/offboarding and periodic access reviews.
  • Integrate Databricks and AWS services with enterprise IAM solutions (e.g., Azure AD, Okta).
  • Implement AWS IAM roles, policies, and permission boundaries for secure data access.
  • Ensure secure integration between AWS, Databricks, and Microsoft Power BI for reporting.
Security Architecture & Design:
  • Develop and maintain security architecture for AWS and Databricks environments supporting Power BI analytics.
  • Design secure data pipelines and enforce encryption in transit and at rest across AWS S3, Databricks, and Power BI.
  • Implement network security controls (VPC, security groups, private endpoints) for AWS and Databricks connectivity.
Requirements Gathering & Documentation
  • Lead requirements gathering sessions with stakeholders to define security needs for AWS, Databricks, and Power BI integrations.
  • Document security requirements, architecture diagrams, and implementation plans.
  • Maintain detailed security design documentation and update as environments evolve.
  • Ensure traceability between business requirements and implemented security controls.
Security Monitoring & Incident Response
  • Investigate and respond to IAM-related and platform security incidents and defects
Compliance & Risk Management

  • Ensure adherence to SOC 2, HIPAA, GDPR, and internal security standards across AWS and Databricks.
  • Implement data governance policies for sensitive data used in Power BI reporting.
Configuration & Hardening
  • Apply Databricks Security Profile features (CIS-hardened images, FIPS 140 encryption, TLS 1.2+).
  • Validate secure cluster configurations and enforce encryption policies in Databricks and AWS.
  • Harden AWS services (EC2, S3, IAM) following CIS benchmarks and best practices.
Collaboration & Reporting
  • Partner with data engineering, BI, and cloud teams to implement security best practices.
  • Provide security posture reports and IAM metrics to leadership.
  • Support secure integration of Power BI with AWS and Databricks for enterprise reporting.


Requirements

Qualifications:
Education & Experience
  • Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
  • 5+ years of experience in cloud security engineering, with a focus on AWS and data platforms.
  • Hands-on experience securing Databricks environments and integrating with enterprise IAM solutions.
Technical Skills
  • Strong knowledge of AWS security services (IAM, KMS, CloudTrail, GuardDuty, VPC).
  • Expertise in Databricks security features, cluster hardening, and workspace governance.
  • Familiarity with Microsoft Power BI integration and secure data access patterns.
  • Proficiency in implementing RBAC/ABAC, SSO/MFA, and SCIM provisioning.
  • Understanding of encryption standards (FIPS 140, TLS 1.2+) and CIS benchmarks.
Certifications (Preferred)
  • AWS Certified Security – Specialty
  • Databricks Certified Data Engineer or Security Professional
  • CISSP or CISM
  • Microsoft Certified: Power BI Data Analyst Associate (optional but a plus)
Soft Skills
  • Strong analytical and problem-solving skills.
  • Excellent communication and collaboration abilities.
  • Ability to lead requirements gathering and produce clear documentation.
  • Comfortable working in a fast-paced, cross-functional environment.


Benefits

NONE OFFERED FOR THIS POSITION


We cannot accept resumes from third-party representatives, including but not limited to staffing agencies and employers.