You will join a project for one of the leading providers of end-to-end solutions that help scientists, researchers and clinicians better diagnose disease, discover new and more personalized drugs, monitor the safety and quality of food etc.
You will:
— Architect and implement IAM best practices that enable engineers to move quickly while ensuring security, compliance, and auditing requirements are met.
TASKS:
— Collaborate with engineering teams to ensure secure infrastructure architecture.
— Implement, configure and respond to alerts for security systems such as firewalls, IPS/IDS, SIEM, EDR, WAF, threat and vulnerability management tools working with teams to understand and remediate security vulnerabilities (preferred tool: SIEM AlienVault, EPP: CrowdStrike, FW: Fortigate, Vulnerability Scan: Qualys, AWS Waf and AWS Guard Duty).
— Implement and configure SecOps Pipelines (preferred tool: GitHub)
— Design and implement threat detection and threat prevention across a multi-account, multi-region AWS setup
— Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams
— Build a single pane of glass to aggregate security and vulnerability scans from
multiple source
— Automate security controls, data access patterns, and processes to provide improved metrics and operational support for engineering teams.
— Proficient knowledge of collection and analysis methods as well as knowledge in multiple tools, utilized for data correlation
— Execute CIS Scripts for CIS Benchmark on Docker Containers (based on AWS Fargate)
— Provide and execute CIS Hardening CheckLists.
Requirements:
— Strong development skills in any modern programming language.
— Strong experience with AWS security best practices, especially the Well-Architected Framework with emphasis on the security pillar.
— Skilled at containerizing applications with Docker or similar technology.
— Ability to create, manage, and deploy infrastructure-as-code using Terraform or CloudFormation.
— Skilled at communicating technical concepts to peers and non-technical persons respectfully and clearly.
— Strong knowledge of Linux-based operating systems and security fundamentals.
— Skilled at implementing secure, public-facing AWS Cloud-based systems.
— Ability to securely configure and manage AWS services such as CloudFront, IAM, Route 53, S3, RDS, et al.
— Advanced Knowledge of Endpoint Protection Platform