Note: The job is a remote job and is open to candidates in USA. Vertical Relevance is looking for an AWS DevSecOps/ Security & Compliance Consultant, to join our team as a full-time employee in our work remotely. This person is responsible for the end-to-end planning, building, and deploying of software systems and will implement technical solutions as part of a team for customer engagements.
Responsibilities
- Help customers shape their journey to adopting the cloud and provide our customers with technical and strategic guidance on their “cloud journey”
- Consult, plan, design, and implement security solutions on the cloud customers
- Design and automate security and compliance solutions
- Become a deep technical resource that earns our customer's trust
- Develop high-quality technical content such as automation tools, reference architectures, and white papers to help our customers build on the cloud
- Innovate on behalf of customers and translate your thoughts into action yielding measurable results
- Support solution development by conveying customer needs and feedback as input to technology roadmaps
- Share real world implementation challenges and recommend expansion of capabilities through enhanced and new offerings
- Assist with technical briefs that document solutions
- Assist with reference architecture implementations
- Support internal and external brand development through thought leadership:
- Work with Marketing/Alliances to write blog posts
- Work with Marketing/Alliances to develop internal case studies
- Assist Customer with organizational hierarchy design and configuration templates
- Assist Customer in the development of referenceable playbooks, supported by relevant code examples
- Assist Customer in the development of sample runbooks to automate the implementation of AWS account setup and configuration
- Account Framework - Developing an automated Continuous Delivery Pipeline framework that will be used to establish AWS Accounts to configured, tested infrastructure on AWS in a repeatable, reliable and secure manner eliminating the need for manual intervention
- Security Control Policies - Development of the Service Control Policies and account baselines associated with the Customer’s security and compliance requirements
- Assist Customer with the development of a report and supporting sample code addressing the controls as part of the playbook
- Creating a framework to automatically gather, transform and interpret security event data in AWS
- Selecting, defining, identifying security requirements and determine where:
- Macie can be leveraged
- GuardDuty can be leveraged
- Inspector can be leveraged
- Security Hub can be leveraged
- Alternative security products can be leveraged
- Codify the provisioning of security analytics and reporting workflow:
- Implement Security Hub with in a central account with inputs from all accounts
- Implement GuardDuty for global security events
- Implement Macie for detection of sensitive data in 23 buckets
- Develop AWS Config rules to enforce security configurations in CIS AWS Foundations standard
- Implementing Inspector to gather findings from EC2 instances
- Enable CloudTrail for monitoring API activity
- Enable FlowLogs for VPC traffic
- Selecting tools for building Policy-as-Code controls (preventative, detective, and responsive)
- Development of referenceable playbooks, supported by relevant code examples for controls
- Development of sample runbooks to automate the implementation of controls:
- Policy Definition – Identification and documentation of Customer Policy in the form of specific statements that must be true about configuration of AWS resources
- Policy-as-Code Development – Development of the logical tests associated with each of the policies established to be used to assert the configuration state of infrastructure on AWS in order to block a build in the pipeline, take automated reactive action, or alert on violations to the policy
- Framework Development – A design allowing for the execution of logical tests against infrastructure code or running AWS infrastructure in order to assert the configuration state of infrastructure resources on AWS and block a build in the pipeline, take automated reactive action, or alert on violations to the policy
- Development of a report and supporting sample code addressing the controls as part of the playbook
Skills
- Professional experience architecting/operating automated Security & Compliance / DevSecOps solutions built on AWS
- Experience in software/technology customer facing experience and Financial Services +
Company Overview