Overview
Skills
Job Details
AWS Cybersecurity Consultant
Location: Remote
Contract: 2+ months
Domain Expertise
1. AWS Organizational Governance: Service Control Policies (SCP) design, multi-account patterns, delegated admin setups.
2. Logging & Audit Foundations: Org CloudTrail, AWS Config aggregator, S3 log archive hardening, GuardDuty, Security Hub.
3. CSPM / CNAPP Operations(Wiz.io): Onboarding accounts/resources, tuning posture policies, integrating with ticketing and log routing (e.g., Cribl/SIEM).
4. Infrastructure as Code: Terraform modules, reusable patterns, policy-as-code integration, CI scanning.
5. Vulnerability & Risk Prioritization: Combining CVSS, exploit context, asset criticality, and signal sources into severity logic.
6. Automation & Scripting: Python (boto3), AWS CLI, shell tooling for validation, evidence export, reporting.
7. Identity & Access: IAM least privilege, cross-account role assumptions, permission boundaries, automation roles.
8. Observability / Data Routing (Plus): Cribl / Firehose / Kinesis or equivalent pipeline familiarity.
9. Compliance Awareness: HIPAA safeguard themes (auditability, access control, data protection, etc).
10. Metrics & Reporting: Designing & extracting KPIs (coverage %, MTTR, SLA compliance, control efficacy).
Technical Skills
Skill Depth Needed Context
Terraform Advanced CNAPP onboarding, scanning pipeline
Python (boto3) Advanced Validation & evidence automation
AWS Security Services Deep Guardrails + findings pipeline
SCP / IAM Policy JSON Deep Precise preventive controls
CNAPP tooling Advanced Wiz configuration
AWS Config / Conformance Packs Advanced Framework rule deployment
Event & Log Pipelines Intermediate Cribl
CI/CD (GitHub Actions, Azure DevOps, or similar) Intermediate Shift-left scanning & gating