Cloud Security

Role Description:
The Cloud Security Engineer will be part of a Global and responsible for providing deep technical hands on contribution in the design & implementation of cloud security architecture. Primary expertise must be on AWS Cloud while working knowledge or better of Azure and others would be ideal. Security related responsibilities include design, validation, POC's, planning, installation, configuration, monitoring, performance improvement, maintenance, compliance, resilience, audits & optimizations.
Key Responsibilities:

• Design / Plan
  • Understand Principal's Cloud Architectural vision, business units' requirements, governance processes and cloud specific guardrails
  • Perform Proof of Concepts to validate designs, and prepare solutions to meet requirements
  • Participate in migration planning
  • Design Cloud Security solutions and enhance existing implementations
• Build
  • Participate in cross functional cloud projects & initiatives
  • Implement once and provide SOP's for standard repeatable procedures
• Community
  • Create, enhance, and review inner-sourced AWS SOP's
  • Encourage co-workers with a security mindset to actively participate
  • Engage in external learning opportunities and collaboration
• Operate
  • Support and manage multiple AWS Accounts
• Enhance
  • Recommend and code changes to improve Security in established SysOps and DevOps processes
• Lead
  • Provide deep technical leadership on AWS Security to a team providing broad range of cloud implementations
  • Participate in knowledge sharing, documentation, design drawings

• Must have
  • Broad & deep understanding of AWS Cloud offerings, features, limitations
  • Expert on all AWS IaaS Compute, Storage, and IAM related security features
  • Good knowledge of AWS perimeter security e.g. WAF, DDoS, firewalls (NGFW) etc.
  • Hands-on scripting experience needed for Security Automation (e.g. CDK (must), Terraform, Ansible etc.)
  • Understanding of security aspects of software pipelines, applications, server, OS & network
  • Deep knowledge of Cloud security frameworks (NIST preferred), controls, tooling
  • Ability to perform & front-end Cloud Audits
  • Ability to perform Vulnerability Assessment and Penetration Testing of Cloud based workloads, API's & infrastructure
  • Design documents, presentations, diagrams & SOP preparation skills
• Good to have
  • Experience of AWS PaaS, Lambda, ECS, EKS, API, Route 53, RDS, Containers
  • Experience of DevOps engineering skills (e.g. PowerShell, Python, CI/CD pipeline, GitHub, Jenkins)
  • Knowledge of Azure Active Directory
  • Knowledge of SIEM integration for SOC processes & best practices