Job Description:
The incumbent shall have at least 5 years of experience with AWS security components, cloud security design, and architecture, with a focus on assessing and implementing security measures in AWS environments. The individual must have experience handling cloud security independently and be capable of working collaboratively with cross-functional teams.
Required Technical Skills:
The resource MUST have the following skills and experience:
• Deep knowledge of the AWS Security Reference Architecture (SRA).
• Experience with AWS services for incident detection and response, including AWS GuardDuty, Detective, Inspector, and Security Hub.
• Ability to analyze and respond to security incidents effectively using AWS-native tools.
• Proficiency in setting up and managing AWS CloudTrail, CloudWatch, and AWS Config for continuous monitoring and continuous compliance.
• Expertise in creating dashboards and alerts for real-time security monitoring.
• Hands-on experience designing and managing secure VPC architectures, including security groups, NACLs, and network segmentation.
• Experience with AWS WAF, AWS Shield, and Amazon Inspector for infrastructure protection.
• Deep understanding of IAM policies, roles, and permission management.
• Experience implementing advanced authentication mechanisms like MFA, SSO, and federated access.
• Knowledge of encryption technologies, including AWS KMS, SSL/TLS, and S3 bucket policies.
• Experience implementing data protection strategies for cloud-native applications.
• Familiarity with AWS Well-Architected Framework, NIST, CIS, and other compliance frameworks.
• Proficiency in using AWS Config, Audit Manager, and Security Hub for governance and compliance.
• Expertise in automating security tasks using AWS SDKs, CLI, and scripting languages like Python or Bash.
• Strong knowledge of container security best practices for Amazon EKS, ECS.
• Experience integrating security tools into CI/CD pipelines
The resource SHOULD also have the following additional skills:
• Hands on experience with third-party and open-source cloud security tools such as Prowler, Zeus, CloudSploit scans, Lynis, OpenScap.
• Advanced understanding of AWS Lambda and securing serverless architectures.
Required Soft Skills:
• Strong analytical and problem-solving skills to address complex cloud security challenges.
• Ability to work collaboratively with cross-functional teams to implement security best practices.
• Excellent communication and documentation skills to articulate security requirements and solutions.
• Proactive and innovative mindset to anticipate and mitigate security risks.
• High level of professionalism and integrity to manage sensitive security information.
Desirable certifications:
Preference will be given to candidates holding one or more of the following certifications:
• AWS Certified Security – Specialty
• Certified Information Systems Security Professional (CISSP)
• Certified Cloud Security Professional (CCSP)
• AWS Solutions Architect – Professional