AWS Cloud Security Expert

Who we are:
We, Operative, are a world leading revenue accelerant for media companies around the globe. No other software company in AdTech space, brings a comparable depth of experience to create truly innovative software that performs across all platforms, revenue models and business units. We provide software-based solutions which help clients manage advertisements both in the linear (TV) and digital space. We have been in the market for over two decades and have 1100+ employees with 12 offices spread across the globe.

Operative is proud to play a pivotal role in the way advertising is bought, sold and managed across media industry. 

What we are looking for:
Operative is searching a talented and motivated AWS Cloud Security Expert with at least 7 years of experience to join our Cloud Security Team.  You will be an integral part of our team responsible for implementation of security controls in cloud. You will own and drive projects focused on enhancing Operative’s cloud security technical operations.

Job Responsibilities:

• Hands on experience implementing and maintaining highly available and secure distributed system and the network architectures in AWS.
• Strong experience with AWS network topology and services (Multi account/VPC environments that are integrated via AWS transit gateway, Direct Connects/VPNs connecting to physical locations.

• Strong technical understanding of information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)

• Implement industry standard cloud network security practices during build activities and maintain it throughout the lifecycle.
• Designing, and implementing security configurations and solutions to support multiple production and non-production environments.
• Recommend, design, and implement network security solutions, tools, and services using cloud technologies to monitor and protect our cloud infrastructure.
• Collaborate with the team to implement standards for cloud security and day to day best practices
• Work closely with team members to effectively enhance, implement, and configure network security technologies that are scalable and enhance detection and response. Develop automated security and compliance capabilities in support of existing organizational processes in an AWS cloud computing environment
• Identify potential threat vectors in cloud infrastructure that could be used by attackers and cause disruption or a potential data breach
• Implement monitoring and alert solutions to ensure that any security events and incidents are promptly identified and remediated
• Efficient documentation of all the security changes done in a production environment through the Change Management process.

Technical Skills:

• Expert level practical Unix/Linux systems administration skills in a Cloud or Virtualized environment.
• 6+ years of experience working AWS cloud administration
• Serving as a subject matter expert on cloud cyber risk for AWS cloud platforms
• Life cycle management for all security project-related ticket validation, implementation & troubleshooting.
• Familiarity with defensive technologies such as firewalls, IPS/IDS systems, SIEM, EPP, EDR, data encryption and zero trust solutions.

• Experience in configuring and managing and troubleshooting firewalls (Cisco ASA, Sophos UTM/firewall) related tickets.

• Knowledge of CSA, CIS standards and other and managing security services in AWS including AWS WAF, Firewall Manager, Config, Trust Advisor, Inspector, Guard Duty, Security Hub cloud security frameworks in AWS.

• Hands-on experience in network security, server security, endpoint security, identity and access management, vulnerability management, configuration management, media protection, contingency planning, log management, and data protection methods
• Experience in phishing simulation solutions – An advantage
• Experience in Vulnerability management/assessment tools such as Nessus, Burp suite, Nexpose, Metasploit, Qualys guard, etc.
• Monitor and respond to 'phishing' emails and 'pharming' activity, including abuse of permissions by authorized system users.
• Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards
• Experience with following Log Monitoring/ Log Aggregation solutions: Splunk, ELK etc.
• Develop anomaly detection/ User behavior analysis dashboards and reports to identify potential threats, suspicious activity, and intrusions in ELK Stack.
• Familiarity with any monitoring tools including ELK, Zabbix, New Relic, Data Dog and CloudWatch.

• Knowledge and good understanding of IT and DevOps security architecture and tools
• Problem solving / troubleshooting in complex network environments.
• knowledge of Backup and Recovery methodology and implementations.
• Technical experience and familiarity with various techniques of cyber-attacks, vulnerabilities, and prevention solutions
• Understanding of OWASP, the MITRE ATT&CK framework and Proficient in incident response processes (detection, triage, incident analysis, remediation, and reporting)
• Strong background within Incident Response & Threat Hunting including IOC (Indicators of Compromise) & TTP (Tactics, Techniques & Procedures)
• Advanced level of skill with scripting in more than one language such as PowerShell, Python, Bash, Ruby, Perl to support automation of security operations.

EDUCATION, CERTIFICATION, AND EXPERIENCE 

• Bachelor’s degree (or similar degree) required
• Having One or more AWS certifications, such as AWS Certified Security - Specialty, AWS Certified Advanced Networking – Specialty, AWS Certified Solutions Architect – Associate, AWS Certified Developer – Associate, AWS Certified SysOps Administrator – Associate, AWS Certified Solutions Architect – Professional etc. will be advantage.

Operative cares about your privacy and protecting your data.  By submitting an application for a position with Operative, you acknowledge that you have read the following and consent to how Operative treats your data: 1) the Candidate Privacy Policy and 2) the Candidate Notice for Data Transfer and Retention.