Security Architect AWS Master

REQUIREMENTS

- B.A. or B.S. (or higher-level degree) in Computer Science or a similar engineering program with strong academic performance preferred

- 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure

- AWS Security, CISSP, CISA, OSCP or other information security certification

- Experience in performing security reviews of cloud application designs, source code and deployments

- Must have knowledge and stay up to date on the latest cloud security advisories, alerts and vulnerabilities.

- Nice to have: knowledge on Rapid 7, InsightVM, and Appsec products

- Strong verbal and written communication skills for a highly collaborative environment

- Rigorous attention to detail and focus on quality of deliverables

- Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM

- Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation.

- Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation

- Proven team experience and comfort in a team-oriented environment

- Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.

ACTIVITIES

Experience in cloud security or engineering in public cloud providers AWS, GCP and Azure.

- Experience with evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.

- Hands-on experience with monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM

- Utilize the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.

- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security

- Determine, monitor and maintain our security posture, in collaboration with Engineering.

- Oversee and manage the deployment, integration and configuration of security solutions and of any enhancements to existing security solutions and the enterprises security documents.

- Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.

- Develop and maintain threat models for cloud environments and train engineering teams to develop attacker/risk driven design skills

- Actively partner with infrastructure, application and other stakeholders to ensure deployed solutions minimize security and privacy risks.

- Familiarity with EDR in the cloud, to further develop and maintain our detection and response capabilities

- Recommend actions/practices to management in order to ensure compliance with security and regulatory requirements in decision-making processes.

- Suggest actions in order to mitigate risk in any activity that potentially impacts security of existing IT and information management.

- Craft responses to client and partner security questionnaires

ENGLISH CONVERSATIONAL