Our client is looking for a Development Security Operations Engineer in Mississauga.
Candidate must be coming from an Amazon environment.
Candidate preferable skills:
• 2+ years DevOps/Cloud experience
• Proven experience with AWS/Azure Cloud infrastructure.
• Deep understanding of Docker, Kubernetes, kOps or AWS EKS deployments.
• Enhance and integrate secure cloud solutions into our Managed Cloud Platforms.
• Be the subject matter expert on cloud security operations.
• Monitor, troubleshoot, and improve current security solutions for stability, reliability, and performance against our security baselines.
• Demonstrated AWS security knowledge of IAM, role-based access controls, network security, NACL, security-groups and cloud infrastructure security Prior experience with Infrastructure as Code technologies (e.g. Ansible, Terraform, CloudFormation)
• Capable of configuring IAM permissions, authentication, and automation through Policy as Code
• Ensure secure access to resources with Azure identity and access management solutions – Azure RBAC, Directory Service, SSO, MFA, PIM, Condition Access Polices
• Experience with cloud native log management, monitoring and SIEM tools to assess vulnerabilities, monitor threats, and provide remediations (manual/automatic) using services such as AWS Systems Manager, Inspector, GuardDuty, Security Hub, CloudTrail, CloudWatch
• Experience implementing certificate and key management systems to enable encryption on cloud platforms. An understanding of security and authentication protocols including TLS, SSH, OAuth, JWT, SAML, and Kerberos;
• Experience with open source technologies and environments
• Enforce network security using AWS Shield, Shield Advanced, Network Firewall.
• Ensure security of applications hosted on AWS using tools and services such as AWS WAF
• Identify and access management design and implementation (OIDC, OAuth2, AD, AAD, FIDO2)
• Experience with continuous integration and continuous deployment (e.g., Gerrit, GitLab, SDLC etc.)
• Ensure comprehensive and appropriate documentation at all stages, within an assignment
• Strong understanding of security best practices
• Switches/Routers/Firewalls (Basic configuration understanding)
• In-depth knowledge of IP, SSL, TLS
• Knowledge of network intrusion prevention/detection techniques
• Network and OS (Linux/Windows) hardening
• Proficient in Linux and Windows system administration
• Knowledge of attack vectors (malware, web application, social engineering, etc) and attack surfaces (ports, firewalls, incoming data processing, interfaces, etc.)
• Maintain up-to-date, detailed knowledge of new or updated security solutions, enhanced security processes, and the development of new attacks and threats
• Basic Understanding of offensive assessments, penetration testing or vulnerability analysis
• Basic knowledge and exposure of tools (Nessus, Burp, Nikto, Kali OS, Metasploit) to scan system devices for vulnerabilities according to compliance policies
• Good scripting experience in your language of choice (Python, Bash, PowerShell, etc)
• Knowledge of compliance standards such as SOC2/NIST CSF/ITSG-33 Anex4-1 Protected B/PCI
Nice to have:
• University degree in the field of Computer Science, Engineering or a related discipline
• Cloud certifications (AWS Security Architect / AWS Security Engineer) / General security Certifications such as but not limited to CISSP, CCSP, CCSK
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Highly self-motivated and detailed oriented
• Team-oriented and skilled in working within a collaborative environment.
If you are interested, please send your resume with confidence to [email protected]