Cloud Engineer Sr.
Cloud Engineer Sr. is needed on the team because projects are getting larger, data protection laws demand more tasks as well as our own regulations and security standards. But technology also requires greater protection of its infrastructure.
The position has a strong focus on: Cloud Security (AWS) with the philosophy of DevOps (Devops+Sec), and strong skills in web security, vulnerabilities, computer risks, knowledge of network security and with the ability to assess the security of the code of a project and to attend in time and form any security incident and solve it. If possible: programming knowledge (Python desirable), automation knowledge, and continuous integration tools (CI/CD), which will provide the necessary integrations that we require in all projects: Docker, Github, AWS knowledge (security, EC2), Fargate, RDS, etc).
Knowledge of Firewall, detection of Malware, Viruses, Trojans and attacks such as: Cross Site Scripting (XSS), DDoS, etc.
Knowledge of Linux/Unix, BD, web server administration: nginx and php is required.
MAJOR DUTIES AND RESPONSIBILITIES
- Review the security of a new project, or the modifications made in each deployment.
- Investigate, search, analyze and implement new ways to integrate security functions, focused on innovation and automation for our infrastructure.
- Detect early security alerts.
- Evaluate the severity and resolve it on time, leaving a technical and executive report available.
- Collaborate with your analysis and appropriate technical recommendations for each case or project.
- Expand personal and professional technical knowledge.
- 3 years of experience in a similar position.
- Primary focus: AWS Security tools. But also, of infrastructure, database and the functions of the integration tools, logs and S3.
- Excellent understanding of DevSecOps culture and principles
With a strong focus on security tools on AWS and cloud security as well as information security in all its characteristics.
- Experience working with Agile Methodologies
- Security knowledge in Amazon Web Services (AWS), OWASP, ethical hacking, CISSP.
- Advanced level of written and spoken English
- UNIX server administration experience
- Experience in UNIX/Linux environments
- Good knowledge of Amazon Web Services (AWS)
- Review of logs and consoles for vulnerability management and detection of attacks
- Splunk, CloudWatch, Brinqa, Alert Logic, Signal Sciences and AWS WAF, logs (Unix, bd, Nginx, php, etc.)
- Good understanding of security best practices DevSecOps
- Manage security tools and integrate them throughout the development, operations and infrastructure circuit
- Basic usage of version control systems (Git, GitHub, Bitbucket, CodeCommit)
- Experience with Continuous Delivery Systems (Jenkins, TeamCity, CloudBuild, CloudDeploy, CodePipeline)
- Basic knowledge of automation tools / configuration managers (Ansible, Chef, Puppet)
- Advanced implementation and troubleshooting of web applications
Jobcode: Reference SBJ-gkev90-3-238-132-225-42 in your application.