Description
AWS Cloud Security Engineer Skills
Platform: AWS
Work Package: Firewall (Security Groups,NACLS), Proxy, Kubernetes security, DDoS Protection
AWS Services: Firewall Manager, Network Manager, EC2, Network Security, VPC Design, Shield, EKS, Serverless security, IAM Security (policy)
Experience: 6-9 Years
Certification:
Must have: AWS Network Speciality Certification & Security Speciality Certification
Good to have: AWS Professional Architect Certification
AWS Infra Cloud native engg Core Cloud infra person having understanding of all Security stacks
Key Deliverables
- Design and Build following:
- Network Security Rules Management solution - Security groups ( provision, monitoring, automation), zone correlation, orchestration of rules
- DDoS Protection - CDN, Shield integration
- Proxy - Installation of Squid Proxy on EC2, management of rules, automation
- Container Security - EKS management, Good understanding of Kubernets, security groups on EKS, container security, log ingestion
- Security design best practices as per VISA standards and AWS well architecture framework.
- Automation and enhance of all components must be done via Terraform template or cloud formation template
- Documentation every aspect of delivery that includes but not limits to playbooks, procedures, design, risk posture and so on
- At least 3+ years of hands on expertise on AWS
- Sound understand of network concepts and security - and its implementation on AWS.
- Should have excellent communication skills ie Verbal, Written, Technical & Interpersonal skills
- Domain expertise of network security such as Firewall, Proxy, containers etc
- Detail understanding of Network Technologies Routers, Switches, Load Balancers, Firewalls, Proxy etc
- Good understanding and exposure to Cloud security standards and architectures
- Hands on knowledge of Automation skills, Dev Ops skills etc. Sound knowledge of cloud formation templates and terraform