Job Description :
IMP Skills:
1) DevOps - because of the way the Security team develops code
2) Python
3) CloudFormation, AWS Config, Lambda ? Experience with all or some of these since the controls are built with these services
4) Security is important but not critical as the team can provide direction on secure/insecure configurations. Citi has made it clear that they want engineers and not resources to write policy documentation.
Must Have skills/qualifications:
Need to be proactive and consultative in the AWS services (CloudFormation, IAM, AVM, Lambda, ALZ, etc and various 3rd party tools used in Security groups like Terraform, Splunk, etc.
Deliver the security guardrails for new AWS services planned by end client
Analyzing data sets to perform risk assessments
Develop tooling and security controls to mitigate risks
Support design reviews for developer tools to ensure that security objectives are met
Working across teams at AWS to refine your plans and obtain buy-in
Automate the SecOps monitoring, scanning and remediation.
Proven high degree of experience in NIST security standards and applicability to various security frameworks; NIST, PCI, etc., to include significant hands on experience with all core AWS services, solutions and tools, especially in the area of security
AWS certifications preferred
CISSP certification is a big plus
Preferred qualifications:
Have a clear understanding of cloud computing services/deployment architecture
Demonstrate innovative security approaches in non-traditional IT environments
Have experience generating automated metrics to measure service and program effectiveness and consistency
Have excellent written and verbal communication skills with the ability to present complex technical information in a clear and concise manner to a variety of audiences
Have experience in the development of security products
BS in computer science, networking, information systems, computer engineering, or 6+ years of equivalent experience
3+ years of experience in identifying security issues and risks, and developing mitigation plans
2+ years of experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services
2+ years of scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages
1+ years of experience in one or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments
Must be able to demonstrate 1-2 years of hands on AWS cloud experience with all core AWS services