AWS Security Engineer

Job Location: Hyderabad/Pune
Mode of work : Hybrid
Experience: 10-15 Years
Notice Period : 30 days Max

Overview: We are seeking a skilled and motivated AWS Security Engineer to join our team. As an AWS Security Engineer, you will be responsible for ensuring the security and integrity of our AWS cloud infrastructure. This role requires expertise in cloud security best practices, AWS native security services, and a proactive approach to identifying and mitigating security risks. You will collaborate with cross-functional teams to design and implement security controls, ensure compliance with industry regulations, and respond to emerging security threats.

• Cloud Security Architecture: Design, implement, and maintain security architectures for AWS cloud environments. Ensure secure configurations of AWS services (e.g., EC2, S3, RDS, Lambda) in line with industry standards and best practices.
  
• Security Monitoring & Incident Response: Leverage AWS security services such as GuardDuty, CloudTrail, and CloudWatch to monitor and analyze security events. Respond to and investigate security incidents, performing root cause analysis and implementing corrective actions.
  
• Vulnerability Management: Perform regular vulnerability assessments on AWS infrastructure and applications. Implement security patches, updates, and remediation strategies for identified vulnerabilities.
  
• Access Control & Identity Management: Implement and manage AWS Identity and Access Management (IAM) roles, policies, and permissions to enforce the principle of least privilege and ensure secure access to resources.
  
• Data Protection & Encryption: Design and implement encryption strategies to protect data in transit and at rest, utilizing AWS-native encryption tools such as KMS, CloudHSM, and S3 encryption.
  
• Automation & Scripting: Automate security processes and workflows using AWS Lambda, CloudFormation, and infrastructure-as-code (IaC) tools. Develop and maintain scripts for security tasks (e.g., security audits, reporting, remediation).
  
• Threat Intelligence: Stay current with the latest security threats and trends in the cloud ecosystem. Integrate threat intelligence into security operations to proactively defend against emerging risks.
  

Requirements

Requirements:

• Deep understanding of AWS ( VPC, networking and service enablement)
  
• Deep understanding of AWS security framework , SCP, OPA , IAM and Azure AD.
  
• Deep knowledge of AWS security services and solutions, including IAM, KMS, CloudTrail, GuardDuty, Shield, WAF, and Cloud HSM.
  
• Experience at building landing zones in global and multi-cloud environment.
  
• Strong experience in infrastructure as code using Terraform enterprise and harness.
  
• Understanding of integrations with Entra , SIEM, Hashicorp vault , Key Factor , Palo Alto , Anaplan etc..
  
• Deep understanding of SDLC processes.
  
• Define standards and best practices for enterprise AWS federated landing zones
  
• Engage and collaborate with stakeholders to apply best practices and suggest improvements opportunities.
  
• Standardization of platform aspects . Implement complex, smart automation
  

Benefits

Standard Company Benefits