Take ownership and vulnerable dependency scanning, threat management and secrets management.
Plan and execute security assessments of our products, services associated to cloud infrastructure.
Working closely with our DevOps and Software Engineering teams in a Cloud Environment to provide security best practices in AWS
Implement IDS/IPS based solutions
Implement directory service to manage users
Review the current infrastructure and implement necessary changes according to CIS benchmarks
Drive automation to mitigate or reporting risks from continuous monitoring solutions
Train team members on all other Information Security initiatives such as general Vulnerability Management, Security Reviews, Security Policy Compliance & Awareness, Customer Engagement & Security Certifications (e.g., SOC 2 / 3)
At least 5+ years experience with Linux and Windows operating systems and Amazon AWS.
5+ years of AWS foundation services related to compute, network, storage, content delivery, administration and security, deployment and management, automation technologies.
Proficient in at least on high level programming languages like Java , Python etc
4+ years experience in Security architecture and detailed cyber security designs for Cloud systems infrastructure and corporate network and systems
4+ years experience with service configuration management, deployment and continuous integration tools, such as Ansible, Jenkins, Terraform, and CloudFormation
2+ years on Penetration testing
Proficient on implementing and supporting network and system security capabilities, including network firewalls, Web application firewall, intrusion detection systems ( IDS ) and intrusion prevention systems ( IPS ) , threat analysis, vulnerability scanning, and policy
Implemented SSO technologies and enterprise authentication services
Certifications likes CISSP, AWS certified Security is a plus
Key requirement is to have Unix/Linux OS System Admin knowledge.
Ideally someone who was a Unix/Linux System administrator and has transitioned to AWS.
Experience on using the AWS services.
Experience of using open source tools for the security and intrusion monitoring, example Snort.
Nice to have the AWS and CIS certifications.