100% remote

AWS Engineer (Security & Backend)

LowCode Agency • Brazil • Technology

Salary negotiable, CLT contract • Management level

Job description

We have active HIPAA-related projects in flight — and we need an AWS engineer who can own the infrastructure and security layer. This is not a plug-and-play setup role. We need someone who thinks in systems, writes infrastructure as code, and understands that a misconfigured IAM policy in a healthcare context is not a learning opportunity — it's a liability. The backend work will be handled with AI-augmented development, so the right person will focus on architecture, security posture, and compliance — not boilerplate.

The Role

  • Design and implement HIPAA-compliant AWS infrastructure from the ground up (or audit/harden existing setups)
  • Configure IAM policies, VPCs, KMS encryption, and CloudTrail audit logging
  • Ensure PHI never touches a public subnet — and that the team understands why
  • Set up and manage audit logging pipelines (CloudTrail + CloudWatch + AWS Config)
  • Define and enforce encryption at rest and in transit across all relevant services
  • Write infrastructure as code using Terraform or AWS CDK
  • Work alongside our dev team and advise on security decisions throughout the project lifecycle
  • Potentially own backend development for net-new projects (scoped separately)

Requirements

  • AI proficiency (mainly Claude.ai)
  • AWS core
      • IAM — least-privilege policies, roles, SCPs, MFA enforcement
      • VPC — private/public subnet design, security groups, NACLs, VPC endpoints
      • KMS — encryption at rest (S3, RDS, EBS), key rotation, customer-managed keys
      • CloudTrail + CloudWatch + AWS Config — audit logging is a hard HIPAA requirement
      • Secrets Manager — zero hardcoded credentials, ever
      • RDS/Aurora or DynamoDB with encryption and automated backups
  • Infrastructure as code
      • Terraform or AWS CDK — security config lives in code, not in console clicks
  • Security posture
      • GuardDuty, Security Hub, and ideally Prowler for compliance scanning
      • Solid understanding of which AWS services are HIPAA-eligible and which are not
      • Knows what a BAA is and why it matters before a single byte of PHI goes anywhere
  • Regulated environment experience
      • 3+ years hands-on AWS experience
      • Prior exposure to at least one regulated workload — HIPAA, SOC 2, PCI DSS, or LGPD — is a strong plus
      • Comfortable working with a remote, async team

Nice to have

  • AWS Security Specialty or Solutions Architect Professional certification
  • Experience with Supabase or PostgreSQL in regulated contexts
  • Claude Certification