AWS Security consultant.
Location: Remote –
Pay rate : $80/hr W2 Only
Duration: 6 months with possibility of extension
USC, GC only
Container scanning - Our parent company has a Prisma install in place, and we are working through how to include our containers to be scanned. If this proves to not be possible, we will need assistance with implementing this within our own environment
Run containers as non-root user - There are likely best practices for determining how to establish and maintaining secure user configurations in the container setup. We are uncertain that the approach we are taking is optimal
Role based access control - Like #2, we have probably implemented something rudimentary for RBAC, but we need a knowledgeable resource to help us understand how to review our needs and engineer an appropriate approach
Network Policies - Again, need a knowledgeable set of eyes to review our current approach for defining communication rules between pods, and teach us how to both design and implement these rules (Service Mesh)
Encrypt Communication - We believe the best practice for this is to implement mutual TLS for communication, but we are unclear on where and how to do so
Secure data - Best practices for protecting ETCD store, and secrets
Backup - Best practices for backing up etcd and app data present in implementation
Security Policies - Another area where a resource can help us evaluate our current application requirements and identify/implement "security as code"
Disaster Recovery -
Any Graduate