Cloud Security Engineer

Cloud Security Engineer at Tyler Technologies – Data and Insights (D&I) solutions within the Security team. This role shapes the security posture of the D&I cloud platform, embeds security practices into engineering workflows, and supports FedRAMP Moderate Authorization to Operate (ATO). You will partner with infrastructure, product, and engineering teams in a fast-paced, results-driven environment to secure, compliant, and resilient cloud services that support transformational change across Tyler’s platform. The D&I solutions serve as Tyler Technologies' central hub for data, reporting, analytics, and artificial intelligence capabilities. Our teams build and maintain foundational services that enable data-driven innovation across Tyler’s product portfolio, empowering teams to incorporate analytics, AI, and data-driven features into their products to better serve government agencies and communities. Work with transformative data solutions that help agencies address mission-critical outcomes. Our cloud-based data platform, open data solutions, and performance management solutions help agencies improve performance, transparency, and public engagement. Location Seattle, Washington | Remote Responsibilities Own cloud security architecture and technical controls across AWS environments. Design and operate scalable, auditable safeguards that support FedRAMP, CJIS, HIPAA, and GDPR workloads. Execute and sustain FedRAMP Moderate technical requirements in production. Partner with Product Security and GRC peers to maintain control effectiveness, remediate findings, and support ongoing authorization activities. Build and enforce automated cloud security guardrails. Establish configuration baselines, policy enforcement, and drift detection to prevent non-compliant infrastructure changes. Secure AWS network boundaries and regulated data flows. Ensure segmentation, ingress/egress controls, and inspection patterns meet regulatory and security requirements. Support cryptographic and platform security standards. Ensure encryption, key management, and platform configurations align with regulatory expectations and industry best practices. Lead security readiness for significant architectural change. Perform technical security impact analysis for new services, infrastructure changes, and boundary expansions before production deployment. Integrate cloud security telemetry into detection and response workflows. Ensure logging and security signals support continuous monitoring, investigations, and audit evidence needs. Embed cloud security into infrastructure and delivery workflows. Collaborate with Infrastructure Engineering to integrate security controls into infrastructure-as-code and CI/CD processes. Apply cloud security controls across multi-regulatory environments. Support CJIS, HIPAA, and GDPR workloads while reducing one-off solutions and improving consistency. Contribute to cloud security strategy and maturity. Help define the D&I cloud security roadmap, identify automation opportunities, and evolve security practices over time. Qualifications Soft Skills Accountable and self-directed. Owns work end-to-end, makes sound decisions with limited direction, and accepts responsibility for outcomes in regulated cloud environments. Strong judgment and decision-making. Evaluates risk thoughtfully, anticipates downstream impacts, and balances security, compliance, and delivery realities. Clear and credible communicator. Explains complex cloud security and compliance topics clearly to engineers, auditors, customers, and non-technical stakeholders; documents decisions and evidence with precision. Highly organized and reliable. Manages multiple concurrent efforts, meets deadlines consistently, and produces audit-ready work products. Resilient and adaptable. Manages shifting priorities, audit pressure, and evolving regulatory requirements without sacrificing quality. Detail-oriented with systems thinking. Understands how individual cloud or configuration decisions affect broader platform risk and customer trust. Pragmatic and solutions-focused. Seeks practical, sustainable security outcomes and moves work forward within constraints. Collaborative and team-oriented. Works effectively across security, infrastructure, engineering, and compliance teams. Open to feedback and continuous improvement. Actively seeks input and develops skills aligned with role and organizational goals. Tools and Technologies AWS cloud security and infrastructure services (IAM, VPC, Security Groups/NACLs, CloudTrail, GuardDuty, Config, Security Hub, KMS, CloudWatch). Infrastructure as Code (Terraform or CloudFormation) with secure deployments and baselines. Linux-based operating systems with strong CLI proficiency and OS hardening knowledge. Network security fundamentals, segmentation, private connectivity, and secure service-to-service communication. Cloud-native security monitoring and logging, centralized log aggregation, alerting, investigation, and correlation. Vulnerability and cloud security posture management, misconfiguration detection, risk prioritization, and remediation tracking. Security automation and scripting (Python or Bash) to validate configurations and collect evidence. Secure CI/CD and engineering collaboration, including security checks in pipelines and reviewing changes via PRs in GitHub. Experience securing containerized workloads in AWS (ECS/Fargate), including IAM roles, networking, logging, and shared responsibility. Experience with modern cloud security tooling, cloud posture management, telemetry, and centralized log analysis platforms. (Examples: GitHub Advanced Security, Tenable Cloud Security, CrowdStrike, Sumo Logic; familiarity with Nessus, AquaSec, Invicti; CI/CD platforms like Jenkins or GitHub Actions is a plus) Working knowledge of NIST-based security frameworks, particularly NIST SP 800-53, mapping implementations to controls and audit evidence. Experience in compliance-driven environments (FedRAMP Moderate, CJIS, HIPAA, SOC 2 or similar). Identity, access, and cryptography fundamentals, least privilege, service roles, federated access, MFA, encryption in transit and at rest, certificate management, and FIPS-aligned practices. Ability to pass a federal background check and obtain CJIS clearance. Other Bachelor's degree in a related field preferred; certifications such as AWS Security Specialty, AWS Solutions Architect, CompTIA Security+, CISSP are valued. Candidates with less experience directly applicable to this position will be considered. You belong here. Not everyone checks every box, and we encourage you to apply. State-Specific Salary Range Disclosure Requirements Salary will generally fall between $74,575 - $150,000 before adjustment for geographic differences. Recruiter can confirm if position is incentive eligible. Taking Care of You & Your Family Your health and well-being are important. Tyler offers competitive benefits to support health and financial wellness. Learn more about how we care for our people. Tyler is subject to regulations and background checks; candidates must pass a federal background check at offer and during employment. Apply Online Requisition Number: #LI-Remote #LI-SB1 Tyler Technologies is proud to be an equal opportunity employer. All qualified applicants will be considered without regard to race, creed, gender, marital status, sexual orientation, citizenship status, color, religion, national origin, age, disability, protected veteran status, or any other status protected by law. Reasonable accommodation requests can be emailed to or call 800.646.2633 ext. 791008. Get to know our Tyler family and culture. Join our Talent Network to stay connected and up to date on our latest job openings and talent news. #J-18808-Ljbffr