– Lead the implementation of AWS security best practices across all cloud environments, ensuring robust data protection and compliance with industry standards.
– Harden AWS services (VPC, EC2, RDS, S3, IAM, CloudTrail, EKS) to meet security standards and ensure data integrity.
– Conduct penetration testing on AWS infrastructure and EKS to identify vulnerabilities and ensure platforms are resilient to potential threats.
– Design and implement a Zero Trust security model to secure access and communication across all cloud services.
– Establish PKI management policies, ensuring secure certificate management and automated key rotations.
– Use AWS KMS for encryption and key management to safeguard data in transit and at rest.
– Implement continuous AWS security monitoring with CloudWatch, GuardDuty, and Config to detect and respond to security threats in real-time.
– Lead incident response efforts, performing root-cause analysis, and developing action plans to mitigate security risks.
– Design and enforce disaster recovery plans with a focus on security, ensuring rapid recovery of critical systems and data.
– Ensure compliance with industry regulations (SOC 2, GDPR, HIPAA) and support regular security audits and assessments.
– Work closely with cross-functional teams to integrate security measures across the entire AWS environment.

Requirements:
– 4+ years of experience
– Subject Matter Expert (SME) in AWS security with deep knowledge of securing AWS environments (VPC, EC2, IAM, KMS, RDS, CloudTrail, EKS).
– Expertise in penetration testing and vulnerability management for AWS infrastructure and EKS.
– Strong experience with PKI management, encryption, and key management using AWS KMS.
– Deep knowledge of Zero Trust architecture and cloud security best practices.
– Experience with AWS security tools such as GuardDuty, Inspector, Config, and Macie.
– Knowledge of security scanning tools and methodologies, including SAST, DAST, SCA, and vulnerability scanning.
– AWS Certified Security – Specialty or similar security certifications required.
– Certified Ethical Hacker (CEH) or equivalent penetration testing certifications preferred.

Note:
— Please share relevant CVs at resume@thezedconsulting.com and mention the job title in the subject.