DevSecOps Engineer | 6 month+ contract | £600 per day | City of London
Posted on Aug 30, 2019 by RedCat Solutions
An SME consultancy seeks an enthusiastic hands on Security Architect/DevOps Hybrid Engineer to work for them with a large FX Payments gateway Client. You'll be working within a small team reporting into the Cloud Engineering team who need help in deploying security related services for AWS only. Note, there is no scope for skills in Azure or GCP.
Candidate should be considered to be very experience in using security related AWS components and also have practical hands-on experience with deploying infrastructure through CD/CD procedures whilst working hand in hand with the information security department.
This role is a mixture between a security architect and a SecDevOps engineer as we require skills in both areas to support the team whilst we enhance the Clients cloud infrastructure and surrounding processes to support the business.
- Design and implement layered technical defences specific for AWS whether native or open-sourced based solutions
- Monitoring Firewalls, IDS/IPS, access management, and others for anomalies or incidents. Respond to information security incidents.
- Stay up-to-date on current information security threats.
- Lead vulnerability scanning/remediation. Work w 3rd parties on penetration testing & security audits for AWS only.
- Administer access controls and security oversight for key third-parties.
5+ years hands on experience in the information security field.
In-depth experience with AWS security, specifically in some or ideally all of the AWS security components:
- WAFs and Shield
- Guard Duty
- VPC Mirroring
- Network Firewall Administration
- IAM Policy development and management
- Key Vault, HashiCorp and SSM secrets with some exposure to SSM-Manager
- CIS auditing and CIS benchmark building
- Certificate Manager
- ECS management
- AWS Config
- Route 53
Experience in using one or more of the following DevOps Tools:
- Ansible or Terraform and also CloudFormation
- Jenkins and/or CircleCI
- Docker and Container Orchestration
- Jira and Confluence
AWS and CISSP certification preferred.
- Knowledge of information security industry trends and ability to thoughtfully and effectively integrate new security technology.
- Knowledge of security risk frameworks such as ISO 27000 or NIST 800 series.
- Comfortable in a fast-paced, lean environment.
- BS in Computer Science, Engineering or equivalent degree