AWS Security Operations Engineer
Job Description:
We are seeking an experienced and motivated AWS SecOps Engineer to join our dynamic team. The ideal candidate will have a deep understanding of cloud security and will be responsible for managing and improving the security posture of our AWS environments.
Key Responsibilities:
• Cloud Security Management:
o Implement and manage security controls, monitoring, and alerts on AWS infrastructure to ensure compliance with organizational policies and standards.
o Conduct regular security assessments (e.g., vulnerability scans, risk assessments, penetration testing) on AWS environments.
o Configure and manage AWS-native security services such as AWS Identity and Access Management (IAM), AWS Shield, AWS WAF, AWS KMS, and AWS CloudTrail.
• Incident Response:
o Lead investigations into security incidents, including analyzing logs, identifying potential threats, and responding in a timely manner to mitigate risks.
o Develop and maintain incident response plans, coordinating with relevant teams during and after a security event.
• Security Automation:
o Develop and maintain security automation scripts, leveraging AWS Lambda, CloudWatch, and other AWS services to streamline security processes and alerts.
o Implement Infrastructure as Code (IaC) with a focus on security best practices.
• Security Monitoring:
o Manage continuous monitoring of AWS infrastructure, identifying anomalous activity, and investigating potential security issues.
o Analyze CloudTrail logs, VPC flow logs, and other relevant logs to detect unauthorized access, data exfiltration, or other security breaches.
• Collaboration:
o Work closely with development, operations, and architecture teams to integrate security practices throughout the SDLC (Software Development Life Cycle).
o Educate and train teams on best practices for secure cloud architecture and configuration.
Required Skills & Qualifications:
• Proven experience in cloud security, particularly AWS, with a strong understanding of AWS security services and tools (e.g., IAM, CloudTrail, GuardDuty, KMS, WAF).
• Strong experience with Tenable.
• Solid experience in securing AWS infrastructure, applications, and services.
• Hands-on experience with security automation and scripting (e.g., Python, Shell, or AWS Lambda).
• Familiarity with vulnerability scanning and risk assessment tools for AWS environments (e.g., Nessus, Qualys, or AWS Inspector).
• Strong understanding of networking and network security concepts (e.g., VPC, subnets, VPNs, NACLs, Security Groups).
• Experience with incident response procedures and forensic investigations.
• Familiarity with container security (e.g., Kubernetes, EKS) and serverless architectures.
Preferred Skills:
• AWS Certified Security – Specialty or other relevant AWS certifications.
• Experience with continuous integration/continuous deployment (CI/CD) security practices.
• Knowledge of monitoring and logging tools (e.g., Splunk, Datadog, New Relic, or AWS CloudWatch).
• Familiarity with configuration management tools (e.g., Ansible, Chef, or Puppet).
• Experience with data encryption, key management, and secrets management in cloud environments.
Soft Skills:
• Strong analytical and problem-solving abilities.
• Excellent communication and collaboration skills to work across teams.
• Ability to adapt quickly in a fast-paced environment.
• Attention to detail and a proactive approach to security challenges.