Desired Skills and Experience
- Codify traditional security processes to take humans out of the equation making security consumable as a service
- Work across multiple Security Epics such as IAM, Logging and Monitoring, Infrastructure Security, Data Protection, and Incident Response
- Build security guardrails into the CI/CD pipeline to stop security misconfigurations and vulnerabilities before they happen, creating a tight feedback loop between security and development teams
- Build Cloud Native Detective and Responsive controls that enforce the security baseline at scale
- Build AMI and Docker Image life cycle management systems to integrate with the vulnerability scanning solutions to provide image rehydration based on vulnerability scanning assessments
- Build automation to actively audit the infrastructure for security misconfigurations
- Provide security expertise on system, network, encryption, authentication, and governance
- Developing secure design patterns for cloud architectures developed in public or private cloud environments.
- Research emerging trends and technologies to assess the threats they may face
- Support vendor and partner security assessments
- Experience with engineering best practices to include analyzing, designing, developing, deploying, and supporting software solutions, and/or infrastructure implementations/upgrades.
- Hands on experience with AWS services such as VPC, EC2, RDS, IAM, KMS, WAF, Lambda, CloudTrail, CloudWatch, Dynamodb, SQS, CloudFront, S3, and Config
- Knowledge of Infrastructure as Code, Immutable Infrastructure, and continuous integration/deployment practices
- Proficient in at least one programming language (Python, Javascript)
- Experience in version control systems such as Git, GitLab, etc.
- Experience administering and hardening Linux and Windows systems
- Familiarity with security issues associated with containers, distributed systems, and large scale web application
- Willingness to continuously learn and share learnings with others
- Ability to work in a fast-paced, rapidly changing environment
- Very strong verbal and written communication skills
- Minimum 3 years working with web-scale environments
- Minimum 2 years working in a security capacity
- Strong problem solving skills
- Strong sense of ownership and the ability to work with a limited set of requirements.
- Ability to explain technical solutions to technical and non-technical teams.
- 4-8 years of experience.