AWS Cloud Security Architect / Remote

Overview

Remote
Depends on Experience
Contract - Independent
Contract - W2
Contract - 06 Month(s)

Skills

SAP
AWS
Security
IAM
Patching
laaS
cybersecurity

Job Details

AWS Cloud Security Architect

Remote PST Preferred

Job Description

The primary objective is to provide advisory services for securing and drafting cybersecurity standards specific to AWS IaaS. SAP in AWS IaaS will be a specific focus for one of the drafted standards.

The project will be a collaboration between Company and Contractor personnel, working at the direction of the Company, to achieve the timely delivery of in-scope advisory services.

Should time allow the draft cybersecurity standards the Contractor will assist with include the following topics:

  • AWS IaaS security-related configurations
  • SAP application security on AWS IaaS
  • AWS IaaS patching
  • AWS IaaS vulnerability management
  • AWS IaaS Identity and Access Management (IAM)
  • Should time allow, Contractor will also support the development of a RACI (Responsible, Accountable, Consulted, Informed) pertaining to securing IaaS, regardless of platform, from prebuild through to run state.
  • Should time allow, the Parties will focus their efforts, but shall not be limited by, the Security Domains and associated topics identified below when advising on securing AWS IaaS:

| Security Domain | Associated Topics | | --- | --- | | Identity and Access Management | User Permissions | | Enterprise Role Integrations | | Security Basics | | Policy Hygiene Audit | | Policy Hygiene Remediation | | Policy Hygiene Reporting | | Setup of SAP GRC Emergency Access Management and Firefighter IDs (if required) | | Configuration of parameters within the PAM solution in line with the design (session logging, account vaulting, and JIT provisioning) | | Connector between SAP and the PAM solution | | Test cases to validate SAP integration | | Deployment of the PAM tool to the Prod SAP environment | | Logging and Monitoring | Enablement of key logs | | AWS SIEM Integration | | SAP SIEM Integration | | Identification of security events and creation of alerts | | SOC/IR playbooks to respond to alerts | | Incident Responses | Response Plans | | Indicators of Compromise (IoCs) | | Tabletop Exercises | | Network & Platform Security | Instance egress policy | | Firewall policy | | Configuration monitoring | | Review and validation of SAP configuration | | Data Protection | | Vulnerability Management / Compliance & Governance | Vuln & Compliance Monitoring | | Vuln & Compliance Reporting | | Vuln & Compliance Remediation | | Deployment of technical guardrails to environment |

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.