Responsibilities:
- AWS IAM permission management
- Add/modify/remove individual role permissions or broader SCPs
- Write AWS SCPs (JSON) from scratch
- Review pull requests containing CloudFormation and/or Terraform templates
- AWS IAM Role updates, Permission boundary updates; Build access pathing framework for applications & users
- Creation and implementation of new security models
- Good understanding of Identity and Access Management providers, governance, tools and administration; Familiarity with authentication & authorization tools and protocols
- AWS Service Lifecycle management through AWS Organizations, SCPs
- Activation of a new AWS service as well as retirement of an existing service
- Control enhancements
- Building of new controls or enhancement of existing controls
- Access Reporting & Analytics through tools like Wiz, Splunk
- Work related to creating/modifying/closing reports/scripts that support any reporting needs
- Good handle on IT Service Management (Incidents, Changes, SC Tasks), Jira story points
- Experience building and deploying (CI/CD) using DevSecOps methods and familiarity with CI/CD tools like Bitbucket, Bamboo & GitHub
- Ability to write simple to intermediate level scripts to automate recurring tasks
Qualifications:
- AWS certified architect associate or AWS Security cert preferred
Primary Skills:
- At least 3 years of Technical "hands on" AWS experience required
- AWS IAM
- AWS Organizations
- JSON, YAML
Secondary:
- Wiz.io
- Splunk
- Python
- Java
- REST API
- AWS Lambda
- SQL
Required Skills: Identity and Access Management (IAM)
Additional Skills: Security Engineer