AWS Cloud Security

Job Duties and Responsibilities

Assist with the design and development of a multi-account, multi-region, highly available and highly automated AWS environment to support full software development life cycle and production of mission-critical applications. (Control Tower and Landing Zone Knowledge) 
Understand and contribute to the creation of system support documents, operational procedures, and build scripts/Cloud Formation templates (Json and YAML)
Complete ongoing performance tuning and system optimization to better meet business needs. Reactively troubleshoot outages, perform root cause analysis, and execute continual service improvements
Proactively mitigate business service disruptions with designed redundancy, backups, and highly available solutions. Maintain a highly available production infrastructure. Provide application support for product customers
Provide systems administration functions on AWS infrastructure to include support of products such as: AWS Console root user administration, Key Management, EC2 Compute, S3 Storage, Relational Database Service (RDS), AWS Networking & Content delivery (VPC, Route 53, ELB, etc.) IAM, CloudWatch, CloudTrail, Cloud Formation, Auto Scaling, Cost and Usage Reports (Security Groups, Guard Duty, Cloud Trial, Config, WAF, Lambda)

Skills, Experience and Requirements

Knowledge of security technologies such as SIEM, Firewall/NGFW, EDR / DLP, UEBA and hybrid/Cloud Security environments (Logz.io, McAfee CASB)
Will have considerable AWS and Linux skills, as well we DevOps skills around CI/CD and experience with tools such as Ansible, Jenkins, and Cloud Formation.(git) 
Working knowledge and experience with project and portfolio management tools, preferably Service Now, Microsoft Project, and/or Jira
Excellent verbal and writing skills and the ability to communicate effectively with all levels
 

EDUCATION & WORK EXPERIENCE REQUIRED

Overall 8-10 years of experience in IT Security, 3-5 years working with AWS Security, and fluency with the AWS APIs/command line tools
Experience implementing /maintaining security for cloud-based systems /applications in AWS
Experience writing SOPs, system requirements, and other technical documents
Experience centrally monitoring systems for alerts and incident management functions. 
(Incident response on Cloud, investigation on security issues)
Scripting language experience (Python, Javascript, etc.), Strong working knowledge of automation tools such as (Puppet, Jenkins, and Chef). Working knowledge of RDS database such as PostgresSQL, Oracle, and MySQL
Should possess one or more of the following certifications – CISSP, SANS GCIH, Vendor Certifications (CISO, Palo Alto, McAfee, IBM etc), AWS Certification(s) 
Engineering degree required