Senior Security Consultant/Architect
Posted on Dec 27, 2020 by Thrive IT Systems Ltd
One of our niche clients in Sweden is looking for a Senior Security Consultant.
Experience & Qualifications:
Technical knowledge, expertise and experience in areas within the IT Security domain with at least 6-8 years of progressive experience
Proven experience and competence of working with Security technologies on the Amazon Web Services (AWS) platform with large scale implementation, operation and life cycle management from the banking/financial sector
Fundamentals of automation of Security in an agile working methodology
Working with an international and multi-cultural organization with outsourcing partners
Recognized certification within the IT Security domain and AWS is preferred
Extensive knowledge of working with Security Technologies & Processes in any of the following Security domains on Amazon Web Services (AWS) as a platform is required
Implementing and maintaining capabilities such as Web Application Firewall (WAF) and API Security Gateways.
Strong knowledge of Security in a Software Development Lifecycle (SDLC) with implementations in an agile working methodology and CI/CD pipelines.
General knowledge of Secure Coding and the OWASP Framework with experience of Security testing capabilities such as Static & Dynamic Application Security Testing (SAST/DAST).
Assuring secure administrative channels incorporating capabilities such as Bastion Hosts, Separation of Administration from Services, Multifactor Authentication for System Administrators and Administrator Audit Trails.
Strong knowledge of implementing & maintaining Network Zoning, Firewall & Firewall Management, IDS/IPS, NACL and Security Groups.
Endpoint, Server & Device Security
Working with System Hardening and "Gold Code" Software Images covering a system stack incorporating EC2 and Containers. Bringing Security into the automation concepts of Infrastructure as Code.
Experience working with Endpoint Security capabilities, Computer Security & Logging Policies in such a system stack.
Identity, Authentication & Access Management
Experience involving capabilities such as Identity Lifecycle Management, Segregation of Duties, Multi-Factor Authentication and Role Based Access Control.
Knowledge of Federated Identities & protocols such as OAuth2, OpenID and SAML to implement & operate authentication and authorization concepts in applications & systems.
Data Protection & Cryptography
Strong knowledge of Transport Layer Security (TLS), Public Key Infrastructure (PKI), Key Lifecycle Management and Data Encryption, Anonymization & Tokenization.
Monitoring, Vulnerability & Patch Management
Knowledge of Monitoring, Vulnerability Scanning and Patch Management & Deployment.
High Availability & Disaster Recovery
Experience incorporating capabilities such as Clustering, Load Balancing, Data Mirroring & Replication, Disaster Recovery Planning (DRP) and Backups & Backup Management.
Knowledge of any of the technologies listed below is required
AWS competence in
o Key Management Service
o Secrets Manager
o Certificate Manager
o AWS Config
o CloudTrail, CloudWatch, CloudFront, Shield
o Trusted Advisor
o Inspector, GuardDuty
o Firewall Manager
o Transit Gateway, API Gateway
o Systems Manager
o Security Hub
o Application Load Balancer
VPC, NACL & Security Groups
Curity Identity Server
SAST/DAST involving SonarQube, Tenable and Burp Suite
Trend Micro EPS/Deep Security