Technical Lead – AWS Security and Automation
- Must be a security and technical expert in Cloud Security technology, architecture, design, systems implementation and integration, with deep, specialized knowledge of Amazon Web Services.
- Responsible for designing and delivering security solutions in Cloud infrastructure based on Cloud security standards, governance and control practices
- Conducts technical research when necessary to contribute to setting cloud security direction and strategy.
- Assists others on own team, or other teams where applicable, on cloud security projects or security-relevant tasks on technical projects.
- Designs, develops and implements new cloud security technologies to support business and technology solutions.
- Assist with the design and development of a multi-account, multi-region, highly available and highly automated AWS environment to support application development, cloud computing, security, identity and access management, and IT infrastructure
- Understand and contribute to the creation of system support documents and operational procedures, and build Terraform scripts/CloudFormation templates
- Provide business with strategies, experiential learning and innovative solutions in the area of cloud security
KNOWLEDGE, SKILLS & ABILITIES
- Familiarity with AWS Management & Governance Services: Landing Zone (or Control Tower), AWS Organizations, AWS Service Catalog, AWS SSO, AWS Security Hub, AWS Systems Manager, cross-account access, etc.
- Very strong competency in working with the AWS IAM (Identity and Access Management) portfolio of services, such as IAM Roles, Policies, Identity Federation, Service Control Policies (SCPs), AWS Organizations
- Must be comfortable working with HashiCorp Terraform and Terraform Modules
- Desire to automate using CloudFormation, Step Functions, Lambda
- Experience in working with HashiCorp Vault, Ansible or related technologies
- Proficiency in scripting and programming to incorporate necessary security controls with PowerShell, shell, Python or similar languages
- Proficiency working with the following AWS services:
  - Compute: EC2, Lambda, Elastic Beanstalk, ECS, ECR
  - Networking: VPC, Direct Connect, Route 53, CloudFront, Transit Gateway
  - Storage: EBS, S3, EFS, Glacier, Storage Gateway
  - Databases: Redshift, RDS, DynamoDB, ElastiCache
  - Integration: SQS, SNS, Step Functions
  - Development: CodeCommit, CodeBuild, CodeDeploy
  - Security: IAM, Secrets Manager, GuardDuty, Inspector, Certificate Manager, KMS, Security Hub
  - Management & Governance: CloudWatch, CloudFormation, CloudTrail, Config, Trusted Advisor
- Certification: Must have AWS Certified Security – Specialty or AWS Certified Solutions Architect – Professional