[Remote] CNAPP Security Engineer (Remote) - Mid-Atlantic region

Note: The job is a remote job and is open to candidates in USA. GuidePoint Security is a rapidly growing cybersecurity firm that provides expertise and solutions to help organizations minimize risk. They are seeking a CNAPP Security Engineer to advise, develop, implement, and run CNAPP Cloud Security tools for various customers, leveraging the latest cloud security technologies. Responsibilities • Perform implementation of CNAPP and CSPM tools in multi-account AWS and Azure environments. • Implement IaC scanning tools within the CI/CD Pipelines. • Develop Infrastructure as code in Cloud Formation or Terraform. • Develop custom control checks within CNAPP Platforms using JSON, REGO, or Terraform. • Analysis – identifies and evaluates potential threats and vulnerabilities to the public cloud environments network, applications, infrastructure, and systems. • Issue Resolution – leads the resolution of identified issues in public cloud environments. • Vulnerabilities – Cloud, System, and Application • Compliance – CIS, NIST, AWS, and Azure best practices. • Cloud Entitlements – Excessive Permissions and various IAM best practices. • Secrets – unprotected secrets on VMs, Containers, and IaC repositories. • IaC – misconfigurations and vulnerabilities within developed IaC. • Deep understanding of Kubernetes and microservices security best practices. • Performs container registry scanning. • Reviewing and creating metrics, KPIs, and KRIs to track overall cloud security posture. • Create, maintain, and update runbooks for cloud configuration checks. • Assess the overall security posture of cloud security infrastructure and workloads. • Advise customers on Cloud security best practices. Skills • At least 3 years of experience working in Cloud Security with Amazon AWS, Microsoft Azure, or GCP. • Experience with Cloud Security tools like: Wiz.io, Orca, Lacework, Trivy, Aqua, Ermetic or Prisma Cloud. • Experience with integrating tools into development pipelines such as Azure DevOps, Jenkins, Etc. • Understanding of a broad range of Cloud Security issues as well as their mitigation strategies. • Understanding of Cloud Security-related vulnerabilities. • Experience developing code in Terraform, Python, PowerShell, Rego, and other languages. • Written communication skills for written interactions with clients. • Strong communication skills include articulating thoughts and refining complex problems into digestible information clearly. • Ability to manage time independently while handling multiple projects concurrently. • Bachelor’s degree in computer science or information Security preferred. • Cloud Security certifications are preferred. Benefits • Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions) • Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options) • Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans • 12 corporate holidays and a Flexible Time Off (FTO) program • Healthy mobile phone and home internet allowance • Eligibility for retirement plan after 2 months at open enrollment • Pet Benefit Option Company Overview • GuidePoint Security provides customized, innovative & valuable Information Security solutions that enable commercial federal organizations. It was founded in 2011, and is headquartered in Herndon, Virginia, USA, with a workforce of 1001-5000 employees. Its website is Company H1B Sponsorship • GuidePoint Security has a track record of offering H1B sponsorships, with 10 in 2025, 15 in 2024, 2 in 2023, 1 in 2022. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job