Job Description

what you will do you will work on a diverse domain of information security across the organisation, most importantly infrastructure and data security be responsible for identifying security issues (external as well as internal), help stakeholders to mitigate, and on frequent occasions build a solution around some of the complex problem statements and implement security for cloud-based systems in AWS own the cloud security posture management program and concentrate efforts on continuous improvement of the cloud security configurations aligned to global standards like NIST 800-53 or ISO 27001 automate infrastructure security and develop/implement security automation to solve manual effort on a day-day basis conduct security design/infrastructure reviews, and security architecture reviews. contribute to the building, operating, and maintaining of the cloud security infrastructure to improve prevention, detection, and response capabilities. translate product requirements into threat models and identify security risks and threats build scalable systems which enforce and monitor compliance with your secure baseline, rectify issues automatically and alert on problematic systems. build in-house security frameworks to establish a state of art security culture inside tech assist with creating security awareness and maintaining prudent security engineering culture within an organisation enable compliance in teams and help them achieve some of the industry\'s best practices (e.g. PCI DSS, ISO 27001) you should apply if you have: 2-6 years of experience in information security proficiency in one or more of the programming languages (python, golang, bash) a good understanding of cloud security and a background of working with AWS Security ability to develop and automate in-house security tools ensuring seamless integration and enhanced protection against threats understanding of microservices architecture, CI/CD pipelines, containers and experience in implementing security measures to safeguard containerized applications throughout the development and deployment processes an understanding of concepts like Zero Trust Architecture, defence in depth, SASE the drive to influence organisations and stakeholders by practising data-driven approach a GitHub profile, blog or a conference presentation the ability to be a go-to person and communicate effectively with stakeholders (engineers, product, business teams) the zeal to be proactive in keeping yourself updated with security news/issues/breaches/tools/blogs on the internet

foundit