About The Position
AllCloud is looking for a creative DevSecOps Engineer, As Such, you will support our efforts around designing & implementing cutting-edge automated security solutions that leverage AWS's native capabilities.
As part of our managed services program, the DevSecOps Engineer will help customers get the most value out of AWS’s native security services while improving their overall security posture.
DevSecOps Engineer will also support the development of processes (CI/CD) to deploy and maintain AWS and 3rd party tool configurations using infrastructure as code (Terraform, cloud formation). You will work directly with customers across businesses in all verticals to help them understand how to confidently use AWS, identify security risks, harden attack surfaces, and establish automated and continuous compliance.
Beyond helping our customers, as the SME for all things Security, you will develop whitepapers to enable customers to fully leverage AWS Security patterns, practices, and services.
As DevSecOps will also create field enablement materials for the broader SA/CSDM population, to help understand how to integrate AWS security into customer architectures.
Summary of Key Responsibilities
- Responsible for assessing a myriad of cloud workloads and accordingly implementing security controls to remediate the risk.
- Help overcome barriers to AWS adoption by identifying and tackling major security, risk, and compliance questions.
- Participate in architecture discussions to work through risk, security, and compliance concerns.
- Building and maintaining technical trusted advisor relationships with the customer
- Implementation using infrastructure as code tools such as Terraform and Cloudformation
- Review customer's security posture and work with the CSDMs continuously to improve compliance scores
- Develop automated playbooks for 24/7 incident response alerts and train the CloudOps team
- Manage security incidents with the CloudOps team and the customer
- Publish/Manage security advisories with the CSDMs and monitor key performance indicators (KPI) and service level objectives (SLO)
- At least 2 years of experience designing, implementing, and consulting enterprises tackling information security, risk, audit, and compliance
- Experience in designing and building automated processes, with the ability to “see the big picture”
- Strong familiarity with the AWS services and ecosystem
- Ability to convert business requirements to technical requirements
- Good knowledge of Security SDLC
- Deep knowledge and hands-on experience with all facets of AWS security, including identity and access management (IAM), monitoring (Cloudwatch), auditing, secure internet protocols, key management (KMS), anomaly detection (GuardDuty), data management, network security, data encryption, DDoS Mitigation, incident response & security remediation, penetration testing and AWS security services and features of services to provide a secure production environment
- Experience mapping security controls to the specific regulatory obligations of customers (e.g., GDPR, PCI-DSS, ISO27001, HIPPA, etc.)
- Advanced presentation and customer service skills
- Strong oral and written communications skills in the English language
- A team player, self-driven, self-motivated, customer-obsessed, excellent communication skills, problem solver
- Desire and ability to keep up with technology trends and constantly learn to stay ahead of the technology curve
AllCloud is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.