*DevSecOps Consultant*
*Irving, TX 6+ Months* Mandatory skills: Hardening and monitoring threats, Strong Automation, Network Security This role will be a DevSecOps role that focuses on execution and implementation in an AWS cloud environment. This person will be working with both the DevOps and development teams to implement security controls that are defined by our security organization for our AWS environments. Our AWS environment consists of multiple AWS accounts, 20+ VPCs, 1700+ instances, and several hundred DynamoDB tables and Lambda functions. This person must be a self-starter and not require much supervision since they will be working remotely. There will be interaction with other teams for coordination and information gathering, but the overwhelming percentage of time will be spent in researching the appropriate solution and implementation. Implementation of these security controls will require strong skills in automation as all controls must be implemented via automation (either CloudFormation or configuration management tools).While this role is focused on AWS security, some general operational knowledge is required as well as many of our applications in AWS integrate with on-prem applications. Some examples of the responsibilities will include: - Receiving requirements for implementing a security control, researching the proper solution, coordinating the implementation via change management procedures, and implementing the solution. - Log Analysis - Our organization uses Splunk and all applications log to Splunk, so it will be common to analyze logs to look for potential threats. - Implementing IAM access via IAM roles. This will involve using tag-based authorization and other security practices for following least-privileged principals for securing access to AWS services such as API Gateway, Lambda, S3, DynamoDB, CloudFormation, etc. - OS hardening - Implementing security controls for both Linux and Windows EC2 instances. - Application hardening - Implementing secure configurations for application tools such as nginx, IIS, custom application and middleware servers, etc. - Creating CloudFormation stacks for resources such as KMS Keys, S3 buckets, IAM policies, and other AWS resources. - Creating automated audit processes for identifying insecure configurations. - Analyzing results from Nessus scans and identifying solutions for securing custom applications and databases. Required Skills: - Strong communication and documentation skills for working with various teams. - Cloud Security - general best practices for AWS. - Strong application security knowledge. - AWS Security - IAM, TLS, ACM, KMS, security groups, NACLs, and GuardDuty. - Git - implementation of controls is done via automation, we use a git-backed SCM. - Automation - must have strong scripting knowledge in either PowerShell or Python, and configuration management knowledge with either Puppet or Ansible. - OS knowledge in both Linux (Ubuntu and RedHat) and Windows. - Web and application server working knowledge for nginx and IIS. -- *Thanks & Regards,* *Shankar | Sr. Technical Recruiter * *Email: **[email protected]* <[email protected]> *Work: 281-823-9222 Ext 517 | Direct*: *409-404-0333* 11271 Richmond ave,Suit #107,#108,Houston,TX-77082 [image: unnamed] 3S Business Corporation www.3sbc.com <http://www.dwlabs.com/> An E-Verified Company *****Best way to reach me through email***** -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/android-developers/CAMiPCQnVZAhgVArgmdJtGCApM0SsSf6MyDombsQncJ80%2BDARyA%40mail.gmail.com.
