Cloud & DevOps Security Engineer – RDP, Cloud, Secure Deployments

## Job Title Cloud & DevOps Security Engineer – RDP, Cloud, Secure Deployments • ** ## Project Summary We’re hiring a **DevOps / Cloud Security Engineer** to help operate and harden the infrastructure of an AI-driven communications SaaS platform. This is a **part‑time / freelance** role focused on secure cloud hosting, RDP environment management, and strong protection of servers, source code, and developer access. The platform is already live and running across modern cloud services. You will take ownership of tightening security, standardizing deployments, and ensuring safe, observable environments for the development and production stacks. • ** ## What You’ll Work On - **Secure RDP & Server Access** - Design and maintain locked‑down RDP access for Windows/Linux jump hosts and development servers. - Configure user/session management, IP whitelisting/VPN, just‑in‑time access, and detailed session logging. - Set up **screen monitoring and activity reporting** on RDP and key development servers so sessions can be reviewed for compliance and security. - **Server & Cloud Security Hardening** - Harden VMs and containers against intrusion, brute‑force attempts, and privilege escalation. - Configure firewalls, security groups, WAF rules, and OS‑level defenses. - Implement continuous log collection and alerting for suspicious behavior. - **Source Code & Environment Protection** - Implement strategies to **protect the codebase** end‑to‑end: - Enforce least‑privilege access to repositories and build pipelines. - Restrict who can pull full repositories or access sensitive branches. - Separate production secrets and configs from developer environments. - Put in place policies and tooling so developers only have access to what they need (no raw production data, no unnecessary repo exposure). - **Multi‑Cloud Hosting & Operations** - Review, improve, and maintain deployments on **AWS, Azure, and GCP** (you don’t need to be an expert in all three, but must be very strong in at least two). - Design robust network layouts (VPC/VNet, subnets, routing, NAT, VPN/peering). - Set up secure storage (S3/Blob/Cloud Storage), key management (KMS/Key Vault), and backup/DR strategies. - **CI/CD, Monitoring & Automation** - Strengthen CI/CD pipelines (GitHub Actions / similar) with secure secrets management, artefact handling, and audit trails. - Implement infrastructure‑as‑code (Terraform/Pulumi) for reproducible, reviewable environment changes. - Configure metrics, logs, and alerting (Prometheus/Grafana/Cloud-native tools) for system health and security events. • ** ## Our Stack (You Don’t Need All, But You Must Be Comfortable With Most) - **Cloud:** AWS, Azure, GCP (compute, storage, IAM, networking) - **Runtime:** Docker, Kubernetes (optional but a plus) - **CI/CD:** GitHub Actions, ArgoCD / similar - **Security & Monitoring:** OS hardening tools, Fail2ban, IDS/IPS, endpoint security, Prometheus, Grafana, cloud-native monitoring - **Access & Identity:** IAM, SSO, MFA, bastion hosts, VPNs, role‑based access models • ** ## What We’re Looking For - Strong experience administering and securing **RDP environments** and remote access to cloud servers. - Proven track record of **locking down production and development environments**, including: - Activity/screen monitoring and reporting on RDP and dev servers. - Clear separation of duties and minimal‑access policies for developers. - Practical steps that keep source code and configuration safe from leaks or misuse. - Deep familiarity with at least **two major clouds** (AWS/Azure/GCP) and comfort auditing and improving existing setups. - Hands‑on work with **infrastructure automation**, logging, and incident response. • ** ## Budget & How to Propose We have already received proposals across multiple platforms with an **average rate of around $7.50/hour**, and we are looking to **finalize with someone close to this range**, depending on demonstrated expertise and ability to deliver. If you are confident you can handle the responsibilities above and help us significantly upgrade our security and operations: • *Please include in your proposal:** - A short description of **similar projects** you’ve done (especially: - Secure RDP setups with monitoring/screen recording. - Hardening and monitoring of dev/prod servers. - Source‑code and CI/CD security controls). - The **cloud platforms** you’ve worked with (AWS/Azure/GCP) and typical workloads you managed. - Your **hourly rate** (ideally close to $7.50/hr) and estimated weekly availability. - Any tooling or approaches you prefer for: - Screen/session monitoring, - Intrusion detection, - Secrets and source‑code protection. We are looking for someone who can start soon and work collaboratively with our engineering team over the next few months. Apply tot his job