AWS Cloud Security Expert

The Role

Cloud Vulnerability Management Engineer specializing in helping organizations manage security/vulnerability assessment, processes, and tools, including data protection, identity & access management, risk and compliance, incident response, exception management and performed continuous security monitoring of all systems, and services, threat management and integrations to rapidly identify potential security issues and initiate mitigation measures. Maintain end to end vulnerability management service.

Your responsibilities: (Up to 10, Avoid repetition)

• Collaborate directly with customers providing technical support & guidance in resolving complex technical issues, including various aspects of vulnerability management lifecycle including remediation, exception management.
• Define, document, deliver, and socialize the cloud-based vulnerability management focused service offerings and patching management processes, ensuring that they consider the triaging, prioritization, assignment, deferral, root cause analysis, and remediation of vulnerabilities and misconfigurations.
• Managed the lifecycle of vulnerabilities: identification, evaluation, prioritization, validation of pre patch and post patch findings- remediation, and reporting.
• Monitor & troubleshoot cloud services to proactively identify & resolve performance or availability issues and scan coverage.
• Analyse, prioritise remediation solution on AWS services like Lambda, ECR, EC2, EventBridge, Security hub, GuardDuty, and undertaking customisation based around lambdas written in python.
• Work with version control systems (e.g., GitHub,) to manage and track changes to infrastructure code.
• Conduct root cause analysis after incidents and Publish findings on incidents tickets and use of ServiceNow ticketing, Confluence, Jira, Quicksight to report.
• Maintain asset inventory, SBOM, mapping of the asset owners and application/account owners.
• Create and maintain comprehensive documentation for our services.

Your Profile

Essential skills/knowledge/experience:

Mandatory Skills

• Proven experience in delivering vulnerability management service in cloud environment, Amazon Inspector.
• Strong understanding of VM processes, lifecycle, and implementation, perform independently the Vulnerability Management & Gap assessment.
• Strong experience in ITSM/ServiceNow Incident/ticketing management.
• Strong understanding of threat management, explain risk narratives that explain threat exposure to the enterprise.
• AWS Cloud Security and Infrastructure experience, AWS Inspector, Qualys, Security Strategy and risk mitigation
• Experience in CI/CD pipeline, Devops, GitHub, Docker, Elastic container repositories, Lambda, virtualisation environment.
• Support and utilize automation and cloud integration to improve processes, and reporting to stakeholders.
• Track the Critical Success Factors (CSFs) and Key Performance Indicators (KPIs) for the process globally and regionally.
• Operate efficiently and remain in compliance with regulatory and industry best practices.

Relevant certifications, such as

• AWS Certified Cloud Practitioner - Certified.
• AWS Certified Solutions Architect (Associate) Certified.
• AWS Security Specialty+ - Certified.
• Devops-experience