Ref: JF02182021NVL-3_1614092655

AWS SecOps Consultant - Remote

USA, Virginia

  • 140000 to 160000 USD
  • Engineer Role
  • Skills: Amazon Cloudformation, AWS IAM, Python
  • Level: Mid-level

Job description

AWS SecOps Consultant - Remote

JF02182021NVL-3_1614092655

This company is looking for a staff level engineer to build & deploy security infrastructure and automate security operations for customers. This company has 20+ years experience within Financial Services, across Wealth Management, Asset Management, Insurance, and Banking. This position is 100% remote! Salary range of 140-160k

Qualifications:

* Technical expertise in building security capabilities in code and deploying infrastructure in code
* Strong scripting skills (PowerShell, Python, Node.js, JavaScript, etc.)
* Implementation experience with enterprise security solutions such as WAF, IPS, Anti-DDOS, and SIEM
* Experience with Chef, Puppet, Salt, or Ansible in production environments at scale

Example of tasks to be performed

* Configure Identity Provider
* Route 53 Resolver Query Logging to S3
* Create/Use CMK in each account that becomes the default CMK
* Create "Security Service" KMS keys for each account to support encrypted storage and transmission operations such as SSM Sessions, CloudWatch Log groups,
* Credential Protection/Storage: Vault is the standard today (Issuing)
* Implement EBS encryption default enabled in each account/region upon creation
* Support of Tokenization mechanism (likely minimal Cloud Infrastructure impacts)
* Support of Payment HSM mechanism (likely minimal Cloud Infrastructure impacts)
* Implement event-based automation of Enterprise Support enrollment for new accounts.
* IR IAM Roles in Every Account - Alert to GSOC when IR role is used.
* Enable GuardDuty, AWS Config, and Security Hub in each account, centralized results.
* Enable Amazon Macie in for non-PCI accounts, centralized results