Consultant

Experience

4.5-8 Years

Skill (Primary)

Technical Skills (ERS)-Cloud - AWS-DevSecOps - AWS

Qualification

B-Tech

Location

Noida

Job Description (Posting).

Key ResponsibilitiesVulnerability Identification & Management Conduct automated scans and assessments of AWS infrastructure, applications, and CDN configurations for vulnerabilities using DevSecOps-integrated tools. Evaluate and deploy security tools within CI/CD pipelines for continuous vulnerability detection, tracking, and reporting. Prioritize vulnerabilities based on risk impact, leveraging threat intelligence, and drive remediation efforts across cross-functional teams.AWS & CDN Security Implement and enforce security best practices across AWS services (e.g., EC2, S3, IAM, Lambda, VPC) and CDN platforms (e.g., Cloudflare, Akamai, AWS CloudFront). Monitor AWS environments and CDN edge nodes for misconfigurations, threats, and performance-related security risks. Leverage AWS Security Hub, Inspector, GuardDuty, and CDN-specific security features (e.g., WAF, DDoS protection) to maintain a robust security posture.Application Security & DevSecOps Perform security reviews of application architecture, microservices, APIs, and CDN-integrated delivery systems. Embed security into the Software Development Life Cycle (SDLC) by integrating SAST/DAST tools (e.g., Snyk, SonarQube) into CI/CD workflows. Collaborate with development teams to shift security left, automating vulnerability detection and remediation in code and deployment pipelines.Incident Response & Remediation Respond to security incidents across AWS, applications, and CDN infrastructure, coordinating with internal and external teams. Conduct root cause analysis for incidents, including CDN-related vulnerabilities, and recommend automated preventative measures. Develop and maintain playbooks for vulnerability management and incident response, optimized for DevSecOps workflows.Collaboration & Automation Partner with DevOps, Security, and Development teams to integrate security into CI/CD pipelines, IaC (e.g., Terraform, CloudFormation), and CDN deployments. Drive adoption of DevSecOps practices, including container security (Docker, Kubernetes) and automated threat modeling. Provide training and mentorship on secure coding, AWS security, and CDN optimization to stakeholders.Required Skills and Qualifications Bachelor s Degree in Information Security, Computer Science, or a related field, or equivalent experience. 8+ years of experience in vulnerability management, AWS security, application security, or DevSecOps roles. Strong expertise in AWS services (IAM, S3, EC2, Lambda) and CDN platforms (e.g., CloudFront, Cloudflare, Akamai). Proficiency with vulnerability scanning tools (e.g., Wiz, Qualys, AWS Inspector) and DevSecOps-integrated security tools. Hands-on experience with SAST/DAST tools (e.g., Snyk, SonarQube) and their integration into CI/CD pipelines. Deep understanding of OWASP Top 10, CWE, and CDN-specific security risks (e.g., cache poisoning, DDoS). Proven experience with automation, CI/CD pipelines (e.g., Jenkins, GitLab CI), and IaC (Terraform, CloudFormation). (1.) Depending on the work environment, the subject matter expert may lead or be an active participant of a work-group with the need for specialized knowledge. (2.) Meet all agreed-upon turnaround times for deliverables, deliverable reviews, or deliverable sign-off (3.) Understands, articulates and implements best practices related to his area of expertise. (4.) Provides guidance on how his area of capability can resolve an organizational need and actively participates in all phases of the solution life cycle. Design Solutions and best practices to meet clients objective. (5.) Work with clients to identify business challenges and contribute to client deliverables by refining, analyzing, and structuring relevant data

Skill Level 3 (Secondary Skill 1)

Technical Skills (ERS)-Cloud - AWS-AWS CloudFormation

Skill Level 3 (Secondary Skill 2)

Technical Skills (ERS)-Cyber Security-Security Testing -DAST

Skill Level 3 (Secondary Skill 3)

Technical Skills (ERS)-Cyber Security-Security Testing -SAST

Skill Level 3 (Secondary Skill 4)

Technical Skills (ERS)-Platform-Cloud-Containers (Kubernetics, Dockers)