Overview
Skills
Job Details
Job description:
As a Cybersecurity Contractor, you will support the project team by ensuring the security and integrity of information systems and data. Conduct security assessments and vulnerability analyses to identify potential risks . Implement and maintain cybersecurity measures, including firewalls, encryption, and intrusion detection systems.Monitor and respond to security incidents and breaches, providing timely resolution. Develop and update security policies, procedures, and documentation to ensure compliance with industry standards. Collaborate with stakeholders to ensure cybersecurity best practices are integrated into all aspects of the project.
Primary Skill Required for the Role: Terraform Level Required for Primary Skill: Advanced (6-9 years experience)
Additional Skills Requested for the Role: AWS - Advanced (6-9 years experience)
Additional Details for Role:
Domain Expertise
1. AWS Organizational Governance: Service Control Policies (SCP) design, multi-account patterns, delegated admin setups.
2. Logging & Audit Foundations: Org CloudTrail, AWS Config aggregator, S3 log archive hardening, GuardDuty, Security Hub.
3. CSPM / CNAPP Operations(Wiz.io): Onboarding accounts/resources, tuning posture policies, integrating with ticketing and log routing (e.g., Cribl/SIEM).
4. Infrastructure as Code: Terraform modules, reusable patterns, policy-as-code integration, CI scanning.
5. Vulnerability & Risk Prioritization: Combining CVSS, exploit context, asset criticality, and signal sources into severity logic.
6. Automation & Scripting: Python (boto3), AWS CLI, shell tooling for validation, evidence export, reporting.
7. Identity & Access: IAM least privilege, cross-account role assumptions, permission boundaries, automation roles.
8. Observability / Data Routing (Plus): Cribl / Firehose / Kinesis or equivalent pipeline familiarity.
9. Compliance Awareness: HIPAA safeguard themes (auditability, access control, data protection, etc).
10. Metrics & Reporting: Designing & extracting KPIs (coverage %, MTTR, SLA compliance, control efficacy).
Technical Skills
| Skill | Depth Needed | Context |
|---|---|---|
| Terraform | Advanced | CNAPP onboarding, scanning pipeline |
| Python (boto3) | Advanced | Validation & evidence automation |
| AWS Security Services | Deep | Guardrails + findings pipeline |
| SCP / IAM Policy JSON | Deep | Precise preventive controls |
| CNAPP tooling | Advanced | Wiz configuration |
| AWS Config / Conformance Packs | Advanced | Framework rule deployment |
| Event & Log Pipelines | Intermediate | Cribl |
| CI/CD (GitHub Actions, Azure DevOps, or similar) | Intermediate | Shift-left scanning & gating |