We are seeking an experienced AWS Security Engineer to design, evaluate, and enhance the security of our cloud infrastructure. The ideal candidate will be well-versed in AWS services, with a focus on securing containerized architectures (ECS, EKS) and cloud-based services (EC2, S3, IAM).
Responsibilities:
- Develop and implement security strategies and best practices for AWS services, including ECS, EKS, and EC2.
- Configure and maintain IAM roles and policies according to the principle of least privilege.
- Regularly audit and evaluate AWS account security, including S3 encryption, network access controls, and logging.
- Ensure the security of containers (Docker) and orchestration platforms (ECS, EKS).
- Implement container image scanning to identify and remediate vulnerabilities.
- Manage and optimize runtime security configurations for containerized environments.
- Configure and maintain AWS native security services such as GuardDuty, Inspector, and Security Hub.
- Design and implement real-time intrusion detection and incident response processes.
- Investigate and mitigate security incidents, providing post-incident analysis and recommendations.
- Design secure VPC architectures, including subnet isolation, security groups, and NACL configurations.
- Configure Web Application Firewalls (WAF) to protect against common attacks such as SQL injection and XSS.
- Optimize AWS Shield and other DDoS protection mechanisms.
- Conduct regular security audits and generate reports to assist with third-party assessments.
- Develop and maintain automation scripts (Python, Shell) to streamline security tasks.
- Integrate security checks into CI/CD pipelines.
Requirements:
- Degree in IT/Computer Science/Engineering or equivalent.
- Expertise in AWS cloud security and proficiency in Docker and container orchestration security.
- Familiarity with vulnerability scanning, penetration testing, and compliance tools.