Title : AWS Cloud Security Architect/Lead
As the AWS Cloud Security Architect/Lead you will be a key player in partnering with Business and IT colleagues to architect, design, develop, test, launch and transition to operations innovative solutions based on AWS. You will assist in the daily support of the cloud security technology for protecting client and intellectual data for all cloud/hybrid solutions for Vitech. This position will directly contribute to the overall security program and will lead the use of cloud security technology to protect Vitech data and applications – this includes monitoring, reporting and the auditing of security control. You will design, control and improve Vitech’s information and cloud security practices to ensure they are applied effectively and consistently throughout.
- Design, develop, review and build security architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
- Identify, design and deploy solutions to secure cloud usage, whether cloud-native or COTS solutions.
- Act as subject matter expert (SME) on cloud security issues.
- Communicate IT security related programs and issues to management, as appropriate.
- Design, develop and implement cloud security standards
- Coach other teams about cloud security-relevant technologies, processes, and tools.
- Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in cloud environments.
- Collect security-related operational metrics through automation and increase security visibility across the organization; measure the coverage and effectiveness of security tools; transparency over the security state of the Cloud.
- Certifications: AWS Certified Security – Specialty required.
- CCSK desired.
- 6+ years’ hands-on experience delivering security solutions on AWS IaaS and PaaS platforms including serverless environments.
- 2+years’ hands-on experience with Docker, Kubernetes, Web API security.
- 2+years’ hands-on experience in scripting languages like Python, Unix Shell (bash/ksh), etc.
- 2+ years’ hands-on experience with AWS WAF.
- Experience with CI/CD tools such as Bamboo and Jenkins would be a great plus.
- An understanding of specialized data classifications and AWS data protection mechanisms.
- An understanding of data encryption methods and AWS mechanisms to implement them.
- An understanding of secure Internet protocols and AWS mechanisms to implement them.
- A working knowledge of AWS security services and features of services to provide a secure production environment.
- Competency gained from two or more years of production deployment experience using AWS security services and features.
- Ability to make tradeoff decisions with regard to cost, security, and deployment complexity given a set of application requirements.
- An understanding of security operations and risk.
- Attention to detail and ability to recognize and resolve discrepancies.
- Strong written and verbal communication skills.
- Self-motivated, enthusiastic, and passionate about Information Security.
- Ability to multi-task and prioritize.