AWS DevSecOps Lead (Policy Development & Mapping)

Experience:

7+ years of experience in cloud security, DevSecOps, or a related security domain.

3+ years of hands-on experience in designing and implementing AWS cloud security solutions (e.g., IAM, VPC, KMS, CloudTrail, GuardDuty, etc.).

Proven experience in policy development, compliance mapping, and governance frameworks (CIS, NIST, ISO, etc.).

Expertise in DevSecOps practices, CI/CD pipeline integration, and automation of security testing (e.g., SAST, DAST, IaC scanning).

Experience with infrastructure-as-code (IaC) tools such as Terraform, CloudFormation, or similar.

Strong knowledge of security protocols, risk management, and incident response.

Certifications:

AWS Certified Security – Specialty (or equivalent).

Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or equivalent preferred.

Additional certifications in security frameworks (e.g., ISO 27001, NIST) are a plus.

Technical Skills:

AWS: In-depth knowledge of AWS services (EC2, Lambda, S3, RDS, VPC, IAM, KMS, GuardDuty, etc.) and security features.

Security Tools: Experience with cloud security tools such as Prisma Cloud, AWS Config, CloudTrail, AWS Shield, and third-party security solutions.

Programming & Scripting: Proficient in at least one programming language (e.g., Python, Bash, Go) for automating security tasks and integrating security checks in CI/CD pipelines.

Compliance & Risk Management: Strong understanding of regulatory frameworks (e.g., GDPR, SOC 2, HIPAA) and ability to map them to AWS cloud security practices.