Cloud Security Engineer

Primary Responsibilities

• Improve AWS cloud security (Terraform, Helm, AWS resources and security services such as GuardDuty, Config, SecurityHub, Macie, WAF, CloudTrail, AWS Organizations etc.
• Implement security gates in pipelines and service tooling (Snyk, Burp, Bitbucket pipelines, YAML, Opsgenie & SecurityHub)
• Measure and visualise security scores for services (using tools like Looker or similar)
• Incident management (work with additional sources for gathering security events, such as audit logs and SIEM, and deliver it to the right people)
• Providing significant input to form a Security culture within the company

Required Skills & Abilities

• 3+ years experience within the Cloud Security field 
• Security knowledge in Mobile Applications, Web Applications, Cloud Security, Networks, Operating systems
• Has practical experience in Technical controls, Operational Controls, Managing Controls within AWS 
• Some experience in building the Secure Software Development Lifecycle phases (DevSecOps)
• Understanding Identity Management principles: SSO, OAuth, JWT, SAML
• Experience with writing scripts for automation (Python & bash)
• Must be able to use Jira and Confluence.
  

Preferred skills

• Understand Business Continuity principles (Be able to understand BIA, DRP strategies Understanding MTD/ MTPOD, RTO RPO concepts)
• Understanding Disclosure Controls practices (Technical controls, Operational Controls, Managing Controls)
• Industry certifications are considered as a plus.
• Understanding the Secret Management process. (SSM, Vault, Thycotic, CyberArk)
• Understand Security Monitoring concepts. Have practical experience with the Event Correlation Systems (IDS/IPS, SIEM, AWS Cloud Specific )