Design, build, and maintain our security infrastructure, including detection and response capabilities, IAM, and secrets management.
Design, build and maintain IAM solutions including federation and identity management in the cloud.
Ensure all cloud security best practices arec implemented in the platform and ensure compliance with industry and enterprise standards e.g. CIS
Develop processes, code, or systems that mitigate and prevent infrastructure breaches
Develop secure-by-default infrastructure for the rest of teams to use
Help teams working on our newest features and technologies to be sure they are secure and meet compliance standards
Review new designs and provide feedback
Perform initial and periodic security assessments for incidents and conducts related ongoing investigation activities in coordination with other corporate functions
Create design patterns for effective logging & monitoring, alert detection, and automated incident response
Develop IAM solutions for enabling access to different platforms and services
Create and maintain thorough documentation related to cloud security designs/configurations, policies, standards, processes, and recommendations.
Assesses current applications and architecture to determine methods for automating security testing and control validation.
Participate in design review of implementations of services in the cloud (including analysis of threats and risks and alignment with the company’s security, Engineering, IT and Architecture standards)
Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
Provides security guidance and requirements to various technology teams on methods for driving security into every aspect of the platform (including infrastructure components and SDLC).
Works closely with cross-functional teams as a subject matter expert for security standards and advises/contributes to development as needed.
Proactively performing security assessments to prevent security vulnerabilities
Configuring and troubleshooting security infrastructure devices.
Experience working in a DevSecOps environment, and familiarity with source code control and CI/CD pipelines and related systems
Collection, management, and analysis of performance data
Minimum 3+ years of experience design or building cybersecurity infrastructure services in AWS Cloud., e.g. vulnerability management, incident response, data protection, SIEM, etc.
Minimum 3+ years of progressive experience within a software security team or similar operating environment with an in-depth understanding of application security assessment methodologies
Strong Python experience
Define and develop preventive guardrails, detective controls, and automated alerts and remediation to ensure IAM implementation in all cloud environments are compliant with cloud security standards and policies.
Perform vulnerability testing, risk analyses, and security assessments
Strong knowledge of the various security solutions, such as AV, IPS, IDS, SIEM, VPN, DNS, firewalls, proxies, etc.
Experience automating systems hardening and patching management capabilities
Malware and antivirus engineering and deployment
Will assist with driving technical POCs working with external parties/vendors, internal applications, and business/security experts to demonstrate usage of application security technologies in addressing identified security gaps/improvements.
Strong interpersonal skills including mentoring, coaching, collaborating, and team building