DevSecOps AWS Cloud Security Architect

Please notice the position is in a hybrid model of work from Cracow.

About this position: We are looking for talented cyber security architects to down full stack security architecture and implementation for the industry-leading cloud-native DevOps and edge deployment management platform

Job Responsibilities:

• Full stack cloud security architect responsible for designing and implementing best-in-class security controls for distributed, high-volume, cloud-native workloads

• Own the security architecture across the network, Cloud Paas & Infrastructure, Integration and Application layers

• Execute and coordinate the remediation of vulnerability scan tests and CVE process.

• Define the security controls and processes for Infrastructure-as-Code DevSecOps.

• Build observability and threat detection platforms utilizing industry-leading tools.

• Advise SRE engineers on building automation to support operations of cloud workloads

Mandatory skills:

• Architect Security Solutions: Design and implement robust, scalable security solutions for AWS-based cloud infrastructure, including network security, data protection, and compliance.

• Kubernetes Security: Ensure the security of Kubernetes clusters and microservice architectures using best practices for access control, secret management, and container security.

• Prisma Integration: Oversee and optimize the integration of Prisma Cloud for security monitoring and governance of our cloud infrastructure.

• SIEM Management: Monitor and maintain threat detection systems to ensure real-time alerting and response to security incidents across the cloud ecosystem.

• CVE Remediation: Lead the CVE management process by identifying vulnerabilities, assessing risk, and driving remediation efforts in a timely and organized manner.

• DevSecOps Best Practices: Implement and maintain DevSecOps practices, including secure CI/CD pipelines, code scanning, and automated security testing.

• Penetration Testing: Collaborate with external or internal penetration testers to conduct regular security assessments, and ensure remediation of identified vulnerabilities.

• Incident Response: Develop and maintain security incident response plans, ensuring swift, effective action during security events.

• Security Awareness: Collaborate with engineering teams to foster a security-first mindset, providing training and promoting best practices across the organization.

Good to have skills:

• Very Strong communication skills

• Worked in Agile/Scrum projects