Sr. Security Architect, AWS Philadelphia, PA 19103 You will be responsible for the implementation and execution of security solutions supporting strategic cloud security vision for AWS. You will work closely with cloud security architects and other security and non-security stakeholders to implement technical vision and designs. Working closely with other security team-members you will partner with application teams to remediate cloud security risks across multiple business units and improve the security of AWS operations. Additionally, you will assist by supporting the strategic technical leadership across multiple programs that seek to improve and innovate cloud cyber security capabilities across all aspects of the brand. Description:
Partner with Ops and Product stakeholders to support cloud security risk reduction
Create operational documentation in support of cloud security initiatives
Perform and automate cloud security remediation efforts working with application teams ensuring minimal impact on cloud operations
Build re-usable scripts and user guides for applications teams to leverage in the reduction of cloud security risks
Develop and present metrics on risk reduction and initiative progress showing areas of improvement and identifying any potential issues to meeting team goals and delivery dates
Present and communicate complex concepts to a variety of technical and non-technical stakeholders.
Assist with the rationalization of incumbent and new architectures and technical solutions.
Facilitate the development of efficacy measures of cyber security programs to convey the overall security posture and maturity of the program
Specify, develop and conduct security resilience testing and stress testing process assessments and strategy
Requirements:
Must have broad technical knowledge of all common security domains.
Must have proven hands-on experience automating cloud security using modern programming languages
Must have experience implementing and assessing least privilege security controls in AWS
Must have hands on experience operating with AWS security services, APIs, and reports
Must have knowledge of AWS infrastructure controls and monitoring
Must have experience working in a multi-account, multi-user AWS environment
Must have demonstrated hands-on experience using SecDevOps methods to build cloud infrastructure controls and monitoring
Process a deep knowledge of governance, compliance, risk management and audit control systems and functions as applied to AWS
Ability to work independently with minimal oversight completing objectives on time
High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity in all situations
Proficient knowledge of NIST, GDPR, PCI, SOX and other cyber security standards
Bachelor’s Degree in Information Sciences Technology, Cyber Security, or Computer Engineering. Advanced Degree preferred
Must have at least 8 years of hands-on experience securing a public cloud platform managing the security of multiple cloud accounts for end customers
Relevant cyber security certifications such as AWS, CISSP, CISM, CISA, CCSP, GIAC are highly desired
Experience with Python and modern development tools: Git, JIRA, etc
Experience with Linux, CLI/shell, Docker and Kubernetes desirable
Understanding of Service-Oriented Architectures (SOA and REST), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS)
Up to 20%, ability to travel within the geographic areas, primarily Philadelphia, PA and Moorestown, NJ
