Please note I have direct access to the Hiring Director of Security Infrastructure on this position.
The recognized SaaS industry leader in its market is looking for a Sr. AWS Security Engineer. The company has been in business for 11 years, earns $100+ million in revenue/year, has 1000+ global clients (such as Dell, Box.com, General Motors) and has 800+ employees. The company has been named to as the leader in the industry by Forrester Research, has been valued at $1+ Billion and won Glass Door’s 2018 Best Places to Work.
The Sr. AWS Security Engineer will be responsible for leading the design, build out, implementation and management of an enterprise AWS security infrastructure. The Sr. AWS Security Engineer will initially perform an overall assessment of the company’s extremely high-volume SaaS products, the supporting platforms, existing on-premise infrastructure, networks, data and web applications and the IT corporate infrastructure to gain an understanding of the environment as a basis for the design of the AWS Security Architecture.
More specifically, the Sr. AWS Security Engineer will:
- Have overall responsibility for the enterprise AWS cloud security architecture and, then, perform the deployment and operationalization of all AWS Security Services and AWS Security controls for SaaS applications
- Implement AWS Security Services such as AWS Cloud HSM, AWS Config, AWS IAM, Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, AWS Security Groups, Cloud Directory and any other necessary AWS Security Services
- Implement and manage AWS Config to assess, audit, and evaluate the configurations of the AWS resources. Utilize ASW Config for Operational Troubleshooting, Continuous Assessment and Monitoring and Change Management.
- Security Standard enforcement through automation using AWS Config and Lambda
- Audit, detect and remediate critical security exposures in AWS Cloud Infrastructure utilizing a combination of AWS Native tools (e.g. AWS CloudTrail, Trusted Advisor and AWS Config.
- Research, design and implement Machine Learning Driven Security Operations
- Utilize Amazon CloudWatch for monitoring
- Serve as a subject matter expert for AWS Security during development of AWS Cloud Security strategies and new AWS Service deployments.
- Research, stay abreast of and implement all applicable new AWS Cloud Security Service provider offerings and industry emerging trends
The Sr. AWS Security Engineer reports to the Director of Security Infrastructure
The company is currently operating a SaaS platform. The company is utilizing AWS Services such as EC2, Elastic Load Balancing (ELB) and Launch Configurations, Lambda, RDS, Redshift, SQS, SNS, S3, Elastic Bean Stalk, Lambda and API Gateway, Route 53 DNS Service, VPC, CloudFront, CodePipeline and CloudFormation.
The company offers matching 401K, full benefits (PPO & HMO) including medical, dental and vision, HAS/FSA, 15 PTO days, 10 paid Holidays, Short and Long-Term Disability, Life Insurance, Employee Assistance Program, Public Transportation and Transit subsidies, Student Loan Discounts, fitness reimbursement program, healthy snacks, UrbanSitter, Extended Maternity leave, casual dress, paid parking (or public transportation subsidization) and flexible work hours that all start upon employment.
- Must have 10+ years of progressive experience in information technology, information security and/or network engineering
- Expert in Information Security
- MUST HAVE experience in designing and securing at least one AWS Information Security architecture (experience must be proven and detailed in resume to be considered).
- Should have experience designing and implementing one or more of the following AWS Security Services: AWS Cloud HSM, AWS Config, Lambda, Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, AWS Security Groups or any other necessary AWS Security Services
- Experience securing basic AWS Services such as EC2, S3, ELB, etc.
- Any knowledge and/or hands on experience with security tools including SIEM, IDS (Intrusion Detection Systems), IPS, Vulnerability Management Assessments, Network and Application Scanners, DLP/DLS, Network, Malware, DDoS and and/or security analysis tools is a plus
Please note: This is not an AWS DevOps role.