What You'll Do
- Driving the design and implementation of defense-in-depth infrastructure and application security solutions for our customer facing SaaS platform in AWS public cloud environments.
- Driving architecture, implementation, configuration and automation of native and third party cloud security solutions for hardening, detection, prevention, logging and response solutions for security vulnerabilities and threats.
- Provide thought leadership with a security bent of mind to the organization.
- Working closely with Product, Engineering and IT in a DevSecOps model on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, Threat and Intrusion detection, Kubernetes Container Security solutions, Pen Test and endpoint security.
- Assisting in incident response and triaging activities as needed for security incidents and events.
- Using AI in security operations to streamline and optimize the security incident management, resolution.
What You'll Need
- 5-7 years of previous experience deploying and administering security infrastructure in AWS public cloud environments, using Infrastructure as Code required.
- In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring.
- Prior experience working closely with Product, DevOps and CloudOps' Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions needed.
- Experience working on DLP and endpoint security product is a big plus.
- Security experience in a cloud native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security etc.
- Experience using a programming language such as Python for automation (would be a plus).
- Security certifications from AWS, GCP, CISSP, CEH, OSCP preferred.
🇧🇷 Essa vaga exige inglês. Você está pronto?
A DevSpeak Academy prepara desenvolvedores brasileiros para conquistar vagas internacionais. Domine o inglês técnico com professores que entendem o mundo dev.
Conheça a DevSpeak Academy