AWS DevSecOps Architect (Hybrid)

Responsibilities

• Leads and participates in governance functions to promote security objectives (Cloud, DevOps, DevSecOps)
• Design and implement various customization for CI/CD platforms (AWS, DevOps / GitHub Enterprise) w.r.t build agent pools management
• Collaborate with enterprise architects and various IT service owners (security, platform services, network services, etc.) to align DevSecOps roadmap to other ongoing initiatives
• Provides and delivers actionable security guidance to project teams
• Vision, Architect solution proposal and Support business development
• Collaborating with engineering and client team to evaluate and identify optimal DevOps security solutions
• Reviewing system design in accordance with cloud & security best practices, making recommendations on required security guardrails and cost optimizations
• Identifying, analyzing, and resolving infrastructure vulnerabilities and application deployment issues
• Interacting with clients, providing DevSecOps support, and making recommendations based on client needs
• Detect, Collect, Assess, and evaluate business and IT risks
• Developing IT security standards, procedures, and controls for data collection, data management, and risk management.
• Supporting, assisting with the analysis of requirements and design of clients' information security posture, Regulatory and Scheme security requirements.
• Supporting the delivery of work streams for enterprises in compliance standards which is required to be supported and incident management disciplines.
• Performing and investigating internal and external information security risk and exceptions assessments.
• Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
• Provides remediation guidance and prepares management reports to track remediation activities.
• Staying current on best practices and technological advancements and acts as a technical resource for security assessment and regulatory compliance.
• Performing other related duties as assigned from time to time based on the business requirements.

Competencies

• 12+ years of total industry experience and more than 5+ years of DevSecOps experience
• Cloud Security implementation tools experience
• Cloud services implementation like CSPM, CWPP, CNAPP
• Understanding on DevSecOps security, landing zone, cloud infrastructure and cloud native services
• Good domain expertise of cloud infrastructure compute, network, and storage as well as the cloud control plane
• Good Knowledge of virtualization, containers, service-mesh, and enterprise service business
• Good Experience with structured Enterprise Architecture practices, cloud deployments, and on
• Good Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools
• Troubleshooting and analytical skills
• Good communication and collaboration skills
• Good client management skills