Desired Skills and Experience
- Assess, design, implement, automate, and document security processes and solutions leveraging Amazon Web Service (AWS) and other third-parties
- Design architecture, methods, and controls required to meet security, compliance, and audit requirements
- Proactively stay current with developments in relevant technologies
- Create and share unique ways to solve challenges with others
- Deploy security solutions in cloud environments
- In-depth knowledge of VPCs, Security Groups, and ACLs
- Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity
- Must have experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
- Develop procedures to automate security tasks during code builds and deployments
- Develop program quality metrics as both program performance indicators and enterprise risk indicators
- Respond to and, when appropriate, resolve or escalate security incidents
- Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
- Assist and train team members in the use of cloud security tools and the resolution of security issues
- Develop and maintain documentation for security systems and procedures
- Collaborate with the Ops team to build infrastructure and servers on AWS
- Mentor Cloud Engineers
- Minimum 2 years of experience as a Cloud Security Engineer
- Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others
- Knowledge of network based, system level, and application layer attacks and mitigation methods
- Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017
- Experience in DevOps environments and maintaining security in CI/CD processes
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
- Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc
- Experience working with container technology including Docker and Kubernetes
- Knowledge of AWS automation strategies and tools
- Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
- Ability to clearly and effectively communicate concerns, issues to other teams
- Experience in developing, documenting, and maintaining security procedures
- Proficient in AWS CLI, Bash, and Python
- Bachelor’s Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience
- Any recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK
- Knowledge of BC & DRP programs including risk assessment, BIA, remediation, and staging exercises
- Working proficiency with work tracking systems such as JIRA and project management solutions
- Understanding of FEDRAMP, SSAE16 SOC 2, PCI DSS