Design and implement security solutions: Collaborate with stakeholders to understand security requirements and design appropriate solutions for cloud-based systems. This includes implementing security controls, configuring security groups, managing IAM (Identity and Access Management) policies, and utilizing AWS security tools
Cloud infrastructure security: Establish and maintain security controls and best practices for the AWS environment. Monitor and mitigate security risks, perform vulnerability assessments, and implement incident response plans
Cloud application security: Work with development teams to ensure secure coding practices and assist in implementing security measures within cloud-based applications. Conduct security reviews and assessments to identify and remediate vulnerabilities
Integration and automation: Integrate security tools and technologies into the cloud infrastructure and application lifecycle. Automate security processes where possible to enhance efficiency and accuracy
Incident response: Develop and maintain an incident response plan specific to the AWS environment. Respond to security incidents, conduct investigations, and provide recommendations for improvements
Leading efforts to counter security breaches and anticipating and reducing the likelihood of future security alerts, incidents, and disasters
Defining, planning, monitoring (may assist in implementing) and upgrading security measures, policies, and controls
Writing reports and providing insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information
Ensuring to keep the security systems up to date
Monitoring security access and maintaining the relevant data
Conducting vulnerability testing and risk analyses to assess security and performing internal and external security audits
Analyzing security breaches to identify the cause and to update incidence responses and disaster recovery plans
Verifying and coordinating security plans with outside vendors
Familiarity with basics of security architecture is desirable
Requirements :
A Bachelor's degree in computer science, programming, or related field
3-5 years' experience in the field, such as security administration
Advanced training certifications may be advantageous
The ability to work in a high-stress environment
Excellent verbal and written communication skills, interpersonal, and teaching skills
Good anticipation, analytical, and problem-solving skills
The ability to remain current on the latest technology and best practices in information security
Experience: Previous experience as a security engineer or a similar role, with a focus on cloud security and AWS. Familiarity with security principles, practices, and technologies
AWS expertise: Strong knowledge of AWS services and features, particularly in relation to security. Experience with IAM, VPC, CloudTrail, Security Groups, AWS WAF, and AWS Security Hub
Cloud security: Understanding of cloud security best practices and methodologies. Familiarity with securing cloud-based applications and infrastructure
Security frameworks and standards: Knowledge of relevant security frameworks and standards, such as NIST 800-53, ISO 27001, and CIS benchmarks. Experience implementing security controls and ensuring compliance
Scripting and automation: Proficiency in scripting languages like Python, PowerShell, or Bash. Experience with automation tools like AWS CloudFormation, Terraform, or Ansible
Certifications: AWS certifications related to security, such as AWS Certified Security - Specialty or AWS Certified Solutions Architect - Associate, are highly desirable