Friday, March 5, 2021

AWS Security and Automation

Experience – Minimum 5 to 8 Years

 

Job description:

Ø      Must be a security and technical expert in Cloud Security technology, architects, designs, systems implementation and integration with deep, specialized knowledge of Amazon Web Services.

Ø       Responsible for designing and delivering security solutions in Cloud infrastructure based on Cloud security standards, governance and control practices

Ø      Conducts technical research when necessary to contribute to setting cloud security direction and strategy.

Ø      Assists others on own team, or other teams where applicable, on cloud security projects or security-relevant tasks on technical projects.

Ø      Designs, develop and implements new cloud security technologies to support business and technology solutions.

Ø      Assist with the design and development of a multi-account, multi-region, highly available and highly automated AWS environment to support application development, cloud computing, security, identity and access management, and IT infrastructure

Ø      Understand and contribute to the creation of system support documents, operational procedures, and build Terraform scripts/Cloud Formation templates

 

Mandatory Skill Requirement

-

Ø      Familiarity with AWS Managed & Governance Services Landing Zone (or Control Tower), AWS Organizations, AWS Service Catalog, AWS SSO, AWS Security Hub, AWS Systems Manager, Cross AWS Account access etc.

 

Ø      Very strong competency in working with AWS IAM (Identity and Access Management) portfolio of services like IAM Roles, Policies, Identify Federation, Service Control Policies (SCPs),AWS Config Rules AWS Organizations

 

Ø      Expertise to automate using CloudFormation, Step Functions, Lambda

 

Ø      Proficiency scripting and programming to incorporate necessary security controls with PowerShell, shell, python or similar languages

 

Ø      Proficiency working with below AWS Services:

-          Compute: EC2, Lambda, ElasticBeanstalk, ECS, ECR

-          Networking: VPC, DirectConnect, Route 53, CloudFront, Transit Gateway

-          Storage: EBS, S3, EFS, Glacier, Storage Gateway

-          Databases: Redshift, RDS, DynamoDB, ElastiCache, Redshift

-          Integration: SQS, SNS, StepFunctions,

-          Development: CodeCommit, CodeBuild, CodeDeploy

-          Security: IAM, Secrets Manager, GuardDuty, Inspector, Certificate Manager, KMS, Security Hub

-           Governance: CloudWatch, CloudFormation, CloudTrail, Config, TrustedAdvisor

 

Ø      Certification: Must have AWS Certified Security Specialty or AWS Certified Solution Architect – Professional