AWS Cloud Security Specialist

Full Time

    Job Description

    Job#: 1326625

    Role: AWS Cloud Security Specialist

    Location: Remote or hybrid on-site

    Summary: Apex Systems has an immediate opening for an AWS Cloud Security Specialist for a mid-sized bank in Maryland. As a member of the Information Security team, the Cloud Security Specialist will be responsible for developing, implementing, and operating cloud security solutions and controls to address the current and emerging security and compliance needs of the business.

    The Cloud Security Specialist will serve as a cloud security expert, integrating sound practices from identity and access management, monitoring, platform standards, network segmentation and interconnection, encryption, and more into the cloud platforms. They will guide technology decisions to reflect approved security architectures, business impact and exposures, emerging threats, vulnerabilities, regulatory requirements, and risks.

    The Cloud Security Specialist will work with Enterprise Architects, other functional area architects, and security specialists to ensure adequate security solutions are in place throughout cloud IT systems and platforms, and will communicate the risks and solutions to business and IT partners.

    • Serve as a technical subject matter expert and thought leader in cloud services security and develop, maintain, and improve a comprehensive security architecture to ensure the integrity, confidentiality, and availability of information assets.
    • Define and document baseline security configuration standards and security reference architectures for Cloud services (initially AWS and Azure), and follow them from initial idea to completion and governance. Apply CIS (Center for Information Security®) and other industry standards to cloud services.
    • Define and implement security controls (including network security, identity and access management, security monitoring and least privilege access controls) for cloud infrastructure platforms (Azure, AWS). Align controls with National Institute of Standards and Technology (NIST) recommendations including NIST CSF and NIST 800-53. Ensure compliance with GLBA, SOX and FFIEC guidelines.
    • Coordinate the implementation of security standards for common Commercial off-the-shelf (COTS) applications and services within Cloud, determine design solutions for log aggregation and SSO/SAML integrations.
    • Provide engineering review for Information Security Architecture Risk Assessments associated with Cloud platforms with the goal of ensuring appropriate security controls are in place to address risks and threats.
    • Implement new toolsets related to cloud security, as well as automation and continuous development of cloud security processes, both operational and technical. Partner with architects to develop and implement enterprise information security cloud architectures and solutions.
    • Develop documentation for all facets of Cloud configurations including: identity and access management, network segmentation, application security, data protection, encryption, and others. Support security teams.
    • Participate in designing processes for secure DevOps using solutions for automation including: GitHub, DAST/SAST code review processes integrated with automated build processes.
    • DevOps & automation experience (CodePipeline, Terraform, CloudFormation) is a plus.
    • Good understanding of infrastructure solution concepts (DNS, network LAN/WAN, firewalls, DMZ, encryption in transit, virtualization technologies, active directory, database technologies and encryption at rest, Windows/Linux operating systems, load balancing, PKI and mutual TLS, zero trust architecture)

    • Bachelor's degree in Information Security, Computer Science, Management of Information Systems, or related field required. Master's degree in a related field is an advantage.
    • Minimum of 5 years' experience in cybersecurity, including cloud security, compliance and risk management with a background in system and network security engineering.
    • 3+ Years developing and implementing security operations and technology in large, complex enterprises in multiple industry verticals, across a wide range of technology platforms
    • 3+ Years deep and hands-on experience with any Cloud Platform (AWS, Azure, Google, others) is required
    • Active AWS Solutions Architect Professional or AWS DevOps Engineer Certification is required.
    • Preferred certifications CISSP, CCSP, CISM, and/or other comparable certifications
    • Information security certificates such as CEH, CISSP, CCSP (Certified Cloud Security Professional)
    • Demonstrated understanding of AWS core services is required, for example: VPC, Transit Gateway, Direct Connect, Subnets/Route Tables, S3, AWS Backup, AWS CloudFormation, AWS Organizations, Service Control Policies, Tagging, CloudWatch, PrivateLink, EC2, RDS, IAM, AWS Secrets Manager, Redshift, AWS Config, Security Hub, GuardDuty, WorkSpaces, Control Tower.
    • Demonstrated experience with security processes and technology solutions that align with controls for FFIEC, GLBA, SOX Section 404, ISO 27001/2, FISMA or National Institute of Standards and Technology (NIST) 800-53 Rev4 or Rev5 guidelines is required.
    • Advanced knowledge of security principles, issues, techniques and implementations across cloud platforms.
    • Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives.
    • Excellent written and verbal communication skills
    • Self-driven and able to work in an agile team within a large enterprise organization, as well as independently.
    • High level of personal integrity, high degree of initiative, dependability and ability to work with limited supervision.

    EEO Employer

    Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .