Key Responsibilities: Security Architecture and Design: Design and implement security solutions in AWS cloud environments, ensuring that systems are secure, resilient, and compliant with security best practices.
Review, assess, and propose improvements to existing system security, architecture, and configurations.
Perform security assessments and vulnerability analysis for cloud-hosted systems and applications.
Policy-as-Code (Rego): Develop, implement, and manage Rego policies using Open Policy Agent (OPA) to enforce security and compliance controls.
Work with development teams to integrate OPA policies into CI/CD pipelines, ensuring that security policies are checked automatically during deployments.
Develop reusable security policies for common use cases like access control, data protection, and resource management.
Cloud Security Management (AWS): Ensure the proper configuration and management of AWS security services, including IAM (Identity and Access Management), GuardDuty, CloudTrail, Config, and Security Hub.
Perform regular security audits and reviews of AWS environments to ensure compliance with internal and external regulations.
Assist in the identification and remediation of security risks and vulnerabilities related to AWS infrastructure.
Incident Response & Troubleshooting: Participate in the development of incident response plans, assist in identifying security incidents, and support efforts to mitigate and resolve security issues in cloud environments.
Analyze and respond to security events, working with security operations teams to investigate and resolve issues.
Collaboration & Documentation: Work closely with DevOps, infrastructure, and application teams to ensure that security is a top priority across all stages of development and deployment.
Prepare and maintain comprehensive documentation, including security design, policy rules, and guidelines for best practices.
Train and mentor team members on security standards, AWS best practices, and Rego policy development.
Qualifications: Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
Experience: 3+ years of experience as a System Analyst, Security Analyst, or Cloud Security Engineer, with a strong focus on AWS security and cloud technologies.
Hands-on experience working with AWS security services (e.g., IAM, GuardDuty, Security Hub, CloudTrail, Config, etc.).
Proficiency in Open Policy Agent (OPA) and Rego for policy-as-code development.
Experience in designing and implementing security frameworks and policies to ensure compliance with industry regulations (e.g., GDPR, HIPAA, SOC2).
Skills and Competencies: Strong knowledge of cloud security best practices and AWS security architecture.
Experience with Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or Ansible.
Familiarity with security tools for monitoring, vulnerability scanning, and incident detection in cloud environments.
Solid understanding of identity and access management (IAM), encryption, and secure network design in the cloud.
Strong scripting and automation skills (e.g., Python, Shell, or Bash).
Excellent analytical, problem-solving, and troubleshooting abilities.
Certifications (Preferred but not required): AWS Certified Solutions Architect – Associate/Professional.
Certified Information Systems Security Professional (CISSP).
Certified Cloud Security Professional (CCSP).
Certified Kubernetes Security Specialist (CKS).