Job Description
Client: Estée Lauder Companies (ELC) Title: Cloud Network Security Engineer (Information Security Engineer) Location: Hybrid (out of Long Island City office, 3 days a week on-site) - Might be flex for the contractor Full Address: 27-01 Queens Plaza North, Long Island City, NY 11101. Secaucus, NJ data center visits as needed (migration-related only) (Data center address: 275 Hartz Way, Secaucus, NJ 07094 Types of position: Contract Duration: 12 months of contact opportunity for extension or conversion into a permanent role Job Description: Cloud Security Engineer Job Description This role blends deep cloud expertise, strong security engineering, and hands‑on automation skills to support large‑scale cloud migrations and ongoing operational excellence. Cloud Security Engineers help plan and carry out an organization’s information security strategy. They develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. They develop strategies to respond to and recover from a security breach. They are well organized and thrive in fast-paced, high-energy scenarios. The candidates we are seeking should have the following security skills. Leads design and implementation of initiatives to secure, scale, and build resilient cloud infrastructure. This role focuses on architecting, migrating, and securing workloads across AWS and Google Cloud Platform (GCP) while ensuring compliance with industry regulations and best practices. Design, implement, and maintain cloud networking solutions, including VPCs, subnets, routing, peering, Transit Gateway, and hybrid connectivity. Deploy and manage AWS load balancing solutions, including ALB, ELB, and Gateway Load Balancer. Implement and maintain CloudWatch monitoring, alerting, and observability dashboards. Work with containerless architectures and modern application delivery patterns. Manage infrastructure workflows using GitHub, including version control, CI/CD pipelines, and code review processes. Build automation and tooling using Python, Ansible, and Terraform to streamline deployments and day‑to‑day operations. The individual will need to be very organized, flexible, results-oriented, and able to multitask to meet the demands of our dynamic environment The candidate should be a self-starter, be able to work with minimal supervision, properly and effectively communicate project/work status to management and peers, take full ownership and responsibility of the tasks assigned to her/him, and work them through completion. The candidate should be able to demonstrate both technical capabilities and in-depth knowledge of various cloud security, networking concepts, and technologies best practices. The candidate should have the ability to convey in non-technical terms complex technical explanations related to problems, designs, etc. 3-6 years of experience in an AWS or GCP cloud engineering role Must be comfortable with Linux and command line tools. Good understanding of security technologies such as firewall, load balancing, proxy, and authentication methods Troubleshooting know-how of network and security systems with minimal guidance is required. Low-level (packet-level) network and application protocol analysis and troubleshooting experience is required. Excellent oral and written communication and documentation skills are essential. Should provide sanitized examples of written documentation Should provide a sanitized example of any network diagrams they drew or maintain. The successful candidate will need to have a good understanding of industry-leading network and security technologies from a design, engineering, and troubleshooting perspective. Provide technical support as needed to troubleshoot issues related to cloud, networking, and security. Share the responsibility for operational support issues and ad-hoc request processing. Opening support cases with various cloud providers, product vendors, telecom providers/carriers, and working on the cases through complete resolution. Provide after-hours and weekend support as per the On-call schedule and/or as needed. Work with internal and external IT auditors to provide necessary audit evidence and documentation (SOX, PCI, CyberSecurity) Strong collaboration with other infrastructure teams, various application development groups, other members of global technical services, and with business unit representatives to oversee and coordinate new implementations.