AWS Security Engineer
AWS Security Engineer
POSITION SUMMARY: Responsible for evaluating, implementing and maintaining AWS and Azure security/networking technologies, Cisco firewalls and web filtering, Citrix Netscalers and FireEye appliances in an enterprise wide environment. Duties include securing Cloud based and on premise infrastructure, managing ongoing enterprise vulnerability scanning and remediation, upgrading and maintaining security based software and hardware appliances, documenting configurations and training of departmental administrators. Has daily responsibility for addressing MMS security issues, ongoing security compliance requirements, troubleshooting web infrastructure issues, documenting solutions, and provides second level support to BITS staff for security and web related issues.
- Designs, implements and manages the security requirements for AWS and Azure Cloud environments to achieve business objectives following industry best practices.
- Manages, installs, and configures new security hardware/software (Cisco firewall, Citrix Netscaler, FireEye, Acunetix, etc.), log file rotation and archiving, and maintains current documentation on configuration and installation procedures.
- Manages and administers enterprise web application security scanning tools and processes including use of the system to secure Cloud based and internal web applications.
- Serves as an in-house escalated technical support resource for BITS staff, business units and external users in troubleshooting web application and security problems providing 24x7x365 on call support when necessary.
- Develops and implements training for BITS staff on the secure deployment of new products/systems based on security best practices.
- Develop, implement and deploy Security training and education program to promote and improve enterprise wide Security awareness.
- Develops a good working relationship with BITS staff to maintain the technical rapport and information sharing goals between durable teams and BITS sub groups.
- Maintains current knowledge of state-of-the-art security software, hardware and evolving threats/tends.
- Evaluates and recommends new Cloud infrastructure and security based technologies to Director Information Technology Security and Software Infrastructure team.
- Works with Director Information Technology Security on the management of maintaining PCI compliance by ensuring that quarterly scan reports are obtained, all vulnerabilities are addressed, works with security vendor to ensure internal/external and web application penetrations tests are performed and annual PCI questionnaire is completed.
- Works with external security vendor to ensure their daily log-analysis reports on Firewall, Active Directory, database and Web logs are reviewed and any questions or alerts are addressed in a timely manner.
- Analyzes, remediates and documents any detected IT security vulnerabilities, threats and incidents.
- Creates documentation to meet compliance and audit mandates, maintains Security Team site and ongoing agenda for monthly security team meetings.
- Keeps Director Information Technology Security informed regarding project priorities, status, and any problems related to timely completion of systems routines, systems projects, and general projects.
- Performs other duties as required by Director Information Technology Security and Software Infrastructure team.
- CISSP certification or equivalent security certification required.
- A Bachelor’s degree in Computer Science or Computer Engineering preferred.
- A minimum of five years of extensive experience designing, implementing and supporting an enterprise wide security program.
- Experience in securing an enterprise web environment and the implementation of security compliance requirements to meet PCI and Massachusetts CMR17 privacy law mandates is also required.
- Must have hands–on experience with AWS, Azure, Cisco firewalls, Citrix Netscaler, FireEye appliances, DNS, secure certificate administration, TCP/IP protocols, Internet security, Microsoft server administration, SMTP, web services including IIS, and security applications - Acunetix, Nessus, and Rapid7 Nexpose.
- Excellent interpersonal skills (both written and verbal), including experience in training and support, attention to detail, commitment to excellent quality, and ability to work on multiple projects simultaneously in a deadline-oriented environment are also required.