Position: AWS Security Architect
Location: San Francisco CA
Duration: 12 months
We are looking for a Cloud Security Architect with management and deep technical engineering expertise in security operations, threat and vulnerability management, cloud security and DLP.
You will be a part of Technology organization which is responsible for architecting, implementing and managing the technology required to run a cloud-based Data Science Platform for the enterprise.
· Ability to analyze stakeholder requirements and convert into secure and scalable cloud solutions.
· Review application architectures and implementation details for design flaws, incorrect security implementation and missing security controls.
· Create threat models to communicate risks to engineers, project managers and other technical teams.
· Address compliance and privacy issues based on the requirements for CCPA, GDPR, Sarbanes-Oxley Act (SOX) etc.
· Implement Secure Software Development Life Cycle (S-SDLC) processes and develop secure coding guidelines
· Implement DevSecOps model while working with DevOps team to automate security in CI/CD.
· Build out new security control catalog, security policies and procedures and assist in enforcing them.
· Use Static and Dynamic Analysis tools to support broad testing and vulnerability discovery in the CI/CD pipeline.
· Design, implement and manage Layer7 firewall with centralized ingress and egress Internet for all AWS accounts under AWS Control Tower setup.
· Implement and validate the security principles of minimum attack surface area, least privilege, secure defaults, avoiding security by obscurity, keeping security simple and fixing security issues correctly.
Must have skills- Mandatory
· AWS Cloud Experience (AWS SA Professional Certification)
· Experience with DevSecOps, Code Security and relevant tools.
· Infrastructure knowledge (Networking, Security, DNS, Fortinet Virtual Firewall)
· AWS Cloud native security controls (AWS Security Hub, AWS Guard Duty, ALB, NACL, Internet Gateways, NAT Gateways).
· Container Security (ECS, EKS, Fargate)
· Ideal candidate should have 10+ years of prior experience in IT in network security, information security and infrastructure in a high-tech environment.
· 5+ years successfully architecting and implementing security and DevSecOps on public cloud solutions (AWS or GCP).
· Proven work experience as a Cloud Security Architect or similar role in a cloud native environment.
· Deep hands-on experience leading the design and deployment of technology infrastructure and associated security controls.
Job Types: Full-time, Contract
- DevSecOps : 5 years (Required)
- United States (Preferred)
- Temporarily due to COVID-19