Job Description:
The incumbent shall have at least 5 years of experience with AWS security components, cloud security design, and architecture, with a focus on assessing and implementing security measures in AWS environments. The individual must have experience handling cloud security independently and be capable of working collaboratively with cross-functional teams.
The incumbent will work under the supervision of the Cybersecurity Officer – Security Architecture SME, within the Cybersecurity Assurance Team of the ICC Cybersecurity Division, and will collaborate with other relevant teams across ICC. The incumbent will undertake the following duties and deliverables:
• Design and implement incident response processes and workflows in AWS environments.
• Collaborate with stakeholders to perform root cause analysis and remediation of security
incidents.
• Integrate incident response tools with AWS services, including AWS CloudTrail, Amazon
GuardDuty, and AWS Security Hub.
• Configure and manage logging services using AWS CloudTrail, Amazon CloudWatch, and AWS
Config for continuous monitoring.
• Set up real-time alerts and dashboards for anomaly detection and incident notification.
• Implement security baselines and compliance monitoring with AWS Config Rules.
• Design and deploy secure network architectures in AWS, including Virtual Private Cloud (VPC)
configurations, security groups, NACLs, and private subnets.
• Implement secure access to AWS infrastructure using bastion hosts, VPNs, or AWS Client VPN.
• Perform regular vulnerability assessments using tools like Amazon Inspector and third-party
integrations.
• Develop and implement IAM policies, roles, and permissions to enforce least privilege access.
• Configure AWS IAM Identity Center (SSO) for centralized identity management.
• Manage authentication using MFA, federated identities, and AWS Cognito.
• Implement encryption mechanisms for data at rest and in transit using AWS KMS, S3 encryption,
and SSL/TLS.
• Secure sensitive data stored in S3 buckets, DynamoDB, and RDS with encryption and access
controls.
• Conduct key rotation and lifecycle management using AWS KMS and AWS Secrets Manager.
• Develop and maintain security controls aligned with AWS Well-Architected Framework, NIST, CIS
Benchmarks, and ISO 27001.
• Automate compliance checks using AWS Config, AWS Audit Manager, and AWS Security Hub.
• Prepare documentation and evidence for security audits and assessments.
• Collaborate with DevOps teams to secure CI/CD pipelines, implementing ICC DevSecOps best
practices.
• Implement container security best practices for Amazon EKS and ECS environments.
• Provide training to internal teams on AWS security best practices.
• Maintain updated documentation and knowledge repositories for AWS security implementations.
Required Technical Skills:
The resource MUST have the following skills and experience:
• Deep knowledge of the AWS Security Reference Architecture (SRA).
• Experience with AWS services for incident detection and response, including AWS GuardDuty,
Detective, Inspector, and Security Hub.
• Ability to analyze and respond to security incidents effectively using AWS-native tools.
• Proficiency in setting up and managing AWS CloudTrail, CloudWatch, and AWS Config for
continuous monitoring and continuous compliance.
• Expertise in creating dashboards and alerts for real-time security monitoring.
• Hands-on experience designing and managing secure VPC architectures, including security
groups, NACLs, and network segmentation.
• Experience with AWS WAF, AWS Shield, and Amazon Inspector for infrastructure protection.
• Deep understanding of IAM policies, roles, and permission management.
• Experience implementing advanced authentication mechanisms like MFA, SSO, and federated
access.
• Knowledge of encryption technologies, including AWS KMS, SSL/TLS, and S3 bucket policies.
• Experience implementing data protection strategies for cloud-native applications.
• Familiarity with AWS Well-Architected Framework, NIST, CIS, and other compliance frameworks.
• Proficiency in using AWS Config, Audit Manager, and Security Hub for governance and
compliance.
• Expertise in automating security tasks using AWS SDKs, CLI, and scripting languages like Python
or Bash.
• Strong knowledge of container security best practices for Amazon EKS and ECS.
• Experience integrating security tools into CI/CD pipelines.
The resource SHOULD also have the following additional skills:
• Hands-on experience with third-party and open-source cloud security tools such as Prowler,
Zeus, CloudSploit scans, Lynis, and OpenSCAP.
• Advanced understanding of AWS Lambda and securing serverless architectures.
Required Soft Skills:
• Strong analytical and problem-solving skills to address complex cloud security challenges.
• Ability to work collaboratively with cross-functional teams to implement security best practices.
• Excellent communication and documentation skills to articulate security requirements and
solutions.
• Proactive and innovative mindset to anticipate and mitigate security risks.
• High level of professionalism and integrity to manage sensitive security information.
Desirable certifications:
Preference will be given to candidates holding one or more of the following certifications:
• AWS Certified Security – Specialty
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• AWS Solutions Architect – Professional