Job Description :
Must Have

Need to be proactive and consultative in the AWS services (CloudFormation, IAM, AVM, Lambda, ALZ, etc and various 3rd party tools used in Security groups like Terraform, Splunk, etc.

Resource to deliver the security guardrails for new AWS services planned by end client

Analyzing data sets to perform risk assessments.

Develop tooling and security controls to mitigate risks.

Support design reviews for developer tools to ensure that security objectives are met.

Working across teams at AWS to refine your plans and obtain buy-in.

AWS certifications preferred.

CISSP certification is a plus.

Proven high degree of experience in NIST security standards and applicability to various security frameworks; NIST, PCI, etc., to include hands on experience.

BASIC QUALIFICATIONS

BS in computer science, networking, information systems, computer engineering, or 6+ years of equivalent experience

3+ years of experience in identifying security issues and risks, and developing mitigation plans

2+ years of experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services

2+ years of scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages

1+ years of experience in one or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments

Must have 1-2 years of hands on AWS cloud experience with the various services referenced.

PREFERRED QUALIFICATIONS

Have a clear understanding of cloud computing services/deployment architecture

Demonstrate innovative security approaches in non-traditional IT environments

Have experience generating automated metrics to measure service and program effectiveness and consistency

Have excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences

Have experience in the development of security products