Senior Security Engineer
AWS Penetration Testing CI/CD
Mức lương
Khu vực
Tổng quan về công việc và trách nhiệm
• Design, implement, and maintain security frameworks and guardrails in AWS Landing Zone environments using Control Tower, SCPs, Config rules, and audit accounts. • Define and enforce secure-by-default practices for infrastructure, networks, and applications in a SaaS and enterprise setting. • Perform and lead internal penetration testing and coordinate with third-party vendors for regular external pentests. • Harden cloud resources and application environments against vulnerabilities using threat modeling, vulnerability scans, and automated patching processes. • Integrate and manage security tools such as Network Firewall, Security Hub, Audit Manager, Macie, GuardDuty, WAF. • Act as the security architect in collaboration with DevOps and product teams to ensure secure CI/CD pipelines, containerized services, and IaC deployments. • Monitor for security incidents via logging services (e.g., CloudTrail, CloudWatch, SIEM tools) and drive the incident response process. • Support compliance and audit readiness for standards like SOC 2, ISO 27001, and CIS AWS Foundations Benchmark. • Contribute to cloud governance policy design and internal security standards. • Provide mentorship and technical guidance to junior security engineers.
Kỹ năng và kinh nghiệm tối thiểu
• 3+ years in security engineering with deep AWS experience, particularly in multi-account Landing Zone operation • Advanced knowledge of cloud-native security practices and enterprise security architectures • Proven penetration testing and vulnerability assessment skills • Familiarity with CI/CD pipeline security (e.g., GitOps, secrets management, image scanning) • Understanding of IAM hardening, VPC segmentation, encryption, and incident response in the AWS cloud • Understanding of compliance frameworks (SOC 2, ISO 27001, HIPAA, GDPR) • Familiarity with SSO, SAML, MFA, and PAM solutions for identity management • Experience with container security best practices
Tại sao ứng viên nên làm ở đây
• Benefits will be shared in details for successful candidates.
Ưu tiên có kỹ năng và kinh nghiệm
• Previous experience securing enterprise SaaS products in regulated industries (e.g., finance, healthcare, govtech) • AWS certifications: AWS Certified Security – Specialty, Solutions Architect – Professional
Ứng tuyển vào công việc này
Công việc đã hoàn thành (0)
