Specialist Cloud Security Engineer Lisboa

Join our team at Amgen Capability Center Portugal, the #1 company in Best Workplaces (201–500 employees category) in 2024 by the Great Place to Work Institute. With over 400 talented individuals from more than 40 nationalities, our Lisbon center thrives at the intersection of innovation, excellence, and inspiration. This is your opportunity to explore the future of healthcare through technology and digital innovation, supporting our mission To Serve Patients.

SPECIALIST CLOUD SECURITY ENGINEER

At Amgen, Technology isn’t just a support function—it’s a catalyst for discovery, transformation, and real‑world impact. Here, your ideas fuel innovation that improves and saves lives of patients in dire need of our medicines. Are you ready to do meaningful work that matters?

Amgen is seeking a Specialist Cloud Security Engineer to join Amgen’s Cloud Security organization who will be reporting into the Global Information Protection Organization in Amgen and will be based in Lisbon, PRT, at Amgen’s new Capability Center.

As a Specialist Cloud Security Engineer, you will be providing remediation strategies, and executing project activities to complete tactical objectives. You will play a key role in designing, deploying, and maintaining solutions, automate security assessments, audits, policy and standard enforcements, and more.

Key responsibilities

• Design and implement secure cloud architectures ensuring alignment with enterprise security frameworks and regulatory requirements.
• Develop and enforce cloud security controls including IAM policies, network segmentation, encryption standards, and key management (KMS, HSM) to safeguard data and workloads.
• Continuously assess cloud configurations using automated compliance and vulnerability management tools to identify misconfigurations and security risks.
• Develop and maintain Infrastructure-as-Code (Ia
  C) templates (e. g. , Terraform, Cloud
  Formation) with embedded security guardrails and
  -
  - code enforcement.
• Integrate
  - native logging and monitoring services (e. g. , AWS Cloud
  Trail, Azure Monitor, GCP Cloud Logging) into centralized SIEM platforms for threat detection and analysis.
• Collaborate with Dev
  Ops and application teams to embed security into CI/CD pipelines and implement automated scanning, secrets management, and dependency validation.
• Respond to
  - related security incidents, conduct forensic investigations, and implement remediations to prevent recurrence and strengthen detection mechanisms.
• Conduct threat modeling and risk assessments for new cloud solutions and emerging services, ensuring alignment with organizational risk appetite and compliance standards.
• Research and evaluate emerging cloud technologies and security tools to enhance resilience, efficiency, and automation across cloud environments.
• Develop and maintain technical documentation, runbooks, and operational standards for cloud security processes, controls, and procedures.
• Provide expert guidance and training to engineering, operations, and product teams on secure cloud design principles and best practices.
• Lead efforts and participate in audits covering information security services and technologies.
• This position requires after hours responsibilities and may require some travel.

What We Expect Of You

• Strong command of security foundations, e. g. authentication, authorization, confidentiality, integrity, and availability.
• Solid understanding of security principles such as the principle of least privilege or economy of mechanism.
• Good working knowledge of cryptography, e. g. key management, symmetric, and asymmetric encryption.
• Comprehensive experience with Amazon AWS, understanding of Identity and Access Management, Data Protection, Secure Dev
  Ops, Security Operations, and other security domains for Cloud.
• Working/Emerging knowledge of Enterprise Cloud Solutions across Iaa
  S, Paa
  S & Saa
  S. This may include: AWS, Azure, Open
  Stack, Cloud Foundry, Salesforce, Microsoft Office 365, Box, etc.
• Emerging Knowledge of Identity Governance, Cloud SOC/SIEM, Public, Private and Hybrid cloud solutions.
• Good hands‑on experience with AWS foundation services related to compute, network, storage, content delivery, administration and security, deployment and management, automation technologies.
• Technical experience with micro services programming (AWS Lambda, Docker, etc. ).
• Experience using AWS Cloud Services (EC2, Dynamo
  DB, API Gateway, RDS, Lambda, Cloud
  Front, Cloud
  Formation, Cloud
  Watch, Route 53, etc. ).
• Extensive experience in architecting, designing and programming applications and RESTFUL Services in an AWS Cloud environment.
• Experience architecting highly available systems that utilize load balancing, horizontal scalability and high availability.
• Experience in one of the following: Java/Node. js/Python/JSON policy language.
• Good verbal and written communication skills.
• Team-oriented, placing priority on successful completion of team goals.
• Self-starter with a high degree of initiative.
• CISSP or equivalent
  - related industry certifications.
• AWS Certified Professional or higher.

Basic Qualifications

• Minimum Education required - High School diploma. (Ideally a Bachelor degree on a related career field).
• Ideally +/- 5 years of Information Security or Information Technology experience.

What You Can Expect Of Us

• Work That Matters – Build tech that accelerates scientific breakthroughs and helps patients worldwide.
• Modern Tech Stack – Cloud-first,
  - focused, AI-powered.
• Global Scale, Agile Mindset – Collaborate across continents while working in nimble,
  - impact teams.
• Continuous Learning – Access to certifications, trainings, mentorship, and career mobility.
• Amgen Total Rewards Plan – Comprehensive benefits in healthcare, finance, and
  - being.
• Flexibility – Hybrid work model with time split between our Lisbon office and remote work.

Amgen is an Equal Opportunity employer and will consider you without regard to your race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. We will ensure that individuals with disabilities are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request an accommodation.