Overview
Description
Primary Responsibilities:
- Designs and implements comprehensive security architectures for AWS cloud environments, including multi-account strategies, network security, and data protection mechanisms.
- Configures and manages AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, WAF, and Shield to maintain continuous security monitoring and threat detection.
- Integrates security controls into CI/CD pipelines across Jenkins and BitBucket, implementing SAST, DAST, SCA, and secrets scanning to enable shift-left security practices.
- Partners with development teams to embed security throughout the software development lifecycle, providing guidance on secure coding practices, threat modeling, and vulnerability remediation.
- Implements and maintains container security for ECS and Kubernetes (EKS) environments, including image scanning, runtime security monitoring, RBAC configuration, and network policy enforcement.
- Develops and enforces Infrastructure as Code (IaC) security standards for Terraform and CloudFormation, including policy-as-code implementation, state file protection, and automated security scanning.
- Designs and implements authentication and authorization solutions using OAuth, OIDC, and SAML, following Zero Trust principles and least-privilege access models.
- Establishes and supports security champion programs within development teams, providing training, resources, and guidance to promote security awareness and best practices.
- Conducts security assessments, vulnerability management, and penetration testing coordination to identify and remediate security risks across cloud infrastructure and applications.
- Responds to security incidents, conducts forensic analysis, and develops automated remediation runbooks to improve incident response capabilities.
- Integrates and manages SIEM and logging solutions for security event correlation, threat detection, and compliance reporting.
- Collaborates with DevOps, development, IT, and compliance teams to ensure security requirements are met while enabling business objectives and maintaining operational efficiency.
- Mentors junior security engineers, conducts architecture reviews, and contributes to the development of security policies, standards, and procedures.
- Stays current with emerging cloud security threats, vulnerabilities, and best practices, recommending and implementing security improvements to strengthen the organization’s security posture.
- Any additional duties assigned by management.
Requirements for Success:
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field, or equivalent work experience.
- At least 3-5 years of experience in information security with a strong focus on cloud security.
- Demonstrated hands-on experience with AWS security services including IAM, Security Hub, GuardDuty, CloudTrail, Config, KMS, and WAF.
- Experience designing and implementing security controls in AWS cloud environments.
- Proven experience integrating security into CI/CD pipelines using tools such as Jenkins and BitBucket.
- AWS Certified Security – Specialty certification required or must be able to obtain within 12 months.
- Strong experience with container composition, runtime environments (ECS, EKS) and container security.
- Working knowledge of Infrastructure as Code tools (Terraform, CloudFormation) or ability to learn.
- Experience with authentication and authorization protocols including OAuth, OIDC, SAML, and SSO implementations.
- Strong experience with Entra ID including conditional access policies, application registrations and RBAC.
- Experience with Azure B2C.
- Demonstrated experience with code scanning tools, web application firewalls, and vulnerability management.
- Strong understanding of DevSecOps principles and shift-left security practices.
- CISSP or equivalent security certification preferred.
- Strong communication and leadership skills with the ability to explain technical security concepts to both technical and non-technical audiences.
- Strong attention to detail and accuracy.
- Ability to work collaboratively across teams and build strong relationships with developers, operations teams, and business stakeholders.