Career Home

Career /  IT & Infra / AWS and Security

AWS and Security

Experience: 4+ Years

Opening Location Availability
1 Jaipur Immediate or 30 Days

Job Description:

This position will be responsible for the implementation and support of AWS cloud infrastructure and security. This position requires a seasoned individual, who has hands-on experience in IT infrastructure management on AWS and security from the ground up to support critical business applications.

Must-Have Skills:

  • Understanding and experience with ISO 27001 & PCI DSS.
  • Bachelor’s degree in the field of Information Security, Computer Science, or highly related program.
  • Should have experience in VPN, NAT Gateway, Transit Gateway, VPC Peering
  • Experience or understanding of governance, risk, and compliance (GRC) processes and solutions.
  • Experience in information security and auditing.
  • Experience with AWS Security tools (WAF, Inspector, GuardDuty, Cloud Watch)
  • Background in security controls, auditing, network, and system security.
  • Excellent understanding of OWASP Risks, Vulnerabilities, and Mitigation Mechanisms
  • Experience with Web Application Firewall management and rules
  • Ability to express technical concepts in business terms.
  • Experience in comprehensive Windows / Linux Systems security
  • Experience of working on Cloud and Infrastructure security
  • One of the following certifications: CEH, CHFI, ISO 27001 LA

Good-to-Have Skills:

  • Experience of Systems Administration experience and AWS services.
  • Identifying system vulnerabilities and securing AWS environments.
  • Hands-on experience with setting VPC, subnet, routing Tables, Security Group, NACL
  • Experience in configuring Amazon Cloudfront, securing with WAF
  • Strong written / verbal communication skills and customer interaction skills with users of all levels.
  • Working knowledge of web and application server architecture for public clouds.
  • Advanced experience and knowledge of networking and cybersecurity.

Roles and Responsibilities:

Responsible for the provisioning, installation/configuration, operation, and maintenance of cloud instances and other AWS services and their security AWS cloud environment.

  • Setup and build AWS infrastructure related to various resources VPC, EC2, S3, EBS, ELB, Security Group, and RDS, AMI
  • Experience working with IAM in order to create new users, roles, and groups
  • Design and implemented Security using VPC, IAM, Security Groups and NACL
  • Experience on Backup and Restoration from the snapshot and managing encrypted snapshots
  • Implementing security group and NACL for Inbound/Outbound access
  • Experience working with SNS
  • Understand storage requirements, create configure S3 storage, and maintain the ACL.
  • Strong knowledge of encryption of S3 and other storage types.
  • Should have experience with cloud trail and compliance
  • Conduct vulnerability assessments of applications using various open-source and commercial tools
  • Required knowledge of open source and commercial application security tools and frameworks, including but not limited to Kali Web application testing tools Burpsuite, Nessus, Metaspoilt
  • Code review for known security flaws using software like – Qualys
  • To carry out advanced technical analysis on application intrusions
  • Analyze scan reports and suggest remediation/mitigation plan
  • Providing rich client-specific reports
  • Hands-on experience on Infrastructure, Networks, Web Application, Database security
  • Demonstration of proof of concepts for exploits, manual penetration testing
  • Security configuration review of database /servers / firewalls / switches / routers, etc
  • Knowledge of operating systems preferably network equipment’s system (Linux and Windows) and network hardening
  • Research and maintain proficiency in computer application exploitation, tools, techniques, countermeasures, and trends in computer application vulnerabilities
  • Responsible for managing IT Audit, policies & security compliance norms.
  • Carry out IT security Audit as per ISO 27001.
  • Knowledge of OWASP top 10 vulnerabilities.
  • Develop and Manage all IT awareness and training program which helps to increase employee
  • Resolve security incidents related to identify vulnerabilities, risks, and protection needs and establish IT vulnerability reporting criteria.
  • Provide expert guidance and solution development for operationalizing and maturing security practices
  • Align initiatives with ISO 27001 and other industry standards
  • Mentor others on security best practices
  • Well versed in system exploits (e.g. Buffer Overflows, PTH attacks, windows authentication framework, etc.)
  • Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
  • Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.

Apply Here

Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.