AWS Security Expert
- Have thorough knowledge and experience in cloud technologies, cloud deployment models (IaaS/PaaS/SaaS), and familiarity with AWS core services (EC2, S3, DDB, RDS, KMS, Security Hub, Config, Inspector, Systems Manager etc.). Knowledge of AWS Control Tower is an advantage;
- Have experience in performing technical assessments and documentation of network, operating systems, application security, as well as auditing IT processes, including working knowledge of key controls across a number of industry best practices, regulatory, and compliance frameworks;
- Experience with assessing, monitoring and automating security controls;
- Experience in assessing and/or implementing security processes and controls in the areas of Vulnerability Management and Logging and Monitoring;
- Ability to evaluate the design and effectiveness of IT controls with hands-on expertise with embedding security controls in CI/CD (eg. Sonar, Contrast Assess, Gatling);
- You are a Certified Cloud Security Professional (CCSP) or equivalent. Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) qualifications are advantageous;
- Proven track record of defining and driving implementation AWS and strategies in a technical multi-tiered environment within a large corporate enterprise;
- Experience with relevant standards and frameworks (e.g. ISO 270001, NIST, IEC 62443);
- Knowledge of Kubernetes cloud security approaches and best practices, specifically AWS;
- Good communication skills with peers, product owners, feature teams, architects and stakeholders;
- Eager to solve complex problems with innovative solutions in a structured and organized approach;
- Proficient in business English, both in writing and speaking. Dutch and German is an advantage;
- Creative, results oriented, pro-active, self-steering, cooperative mindset and excellent interpersonal skills.
Our client is a leading provider of business mobility solutions and part of the Financial Services Sector. A significant part of the IT Department is located in Breda from where IT Services are developed and provided for the European market. High customer satisfaction, agile delivery and robust IT solutions are very relevant. In this role you will be working in an international team of highly qualified staff. The IT Delivery Center Netherlands in Breda is positioned to support other Entities in their needs. In collaboration with one of the headquarter departments we want to provide expertise to help improving the overall security of used group systems and platforms.
We are looking for an experienced AWS Security Expert who can assure Security by Design, both in runtime as well as design time. You will be responsible for ensuring that all AWS security related aspects are covered in the delivery process and in each release. As an AWS Security Expert you will help us in embedding defined security controls, guidelines and best practices in our design, build and delivery stack as possible. Additionally you will arrange, execute and support regular assessments on the new platform and IT artefacts. You work 32-40 hours and your position is based in Breda.
More specifically, you will:
- Understand and serve as a subject-matter expert around AWS’ security controls across various domains including : IAM, VPC Security, Logging and Monitoring, Data Protection, Application Security and Vulnerability Management;
- Advise Product owners/feature teams on the secure implementation of AWS services and features, support transition and provide guidance on platform hardening;
- Communicate to key stakeholders the operational processes around AWS security practices and how controls are implemented across the environment;
- Communicate to leadership key risks and areas of program improvement, as well as seek diverse opinions and coordinate improvement efforts;
- Manage and fulfill requests around evidence to ensure the key controls that exist within AWS’ various security domains are implemented correctly;
- Support the feature teams on understanding the IT security requirements and implications;
- Review application architecture / design and when required perform threat analysis and define complimentary protection measures;
- Support the risk management process with your peers in HQ and other locations;
- Support the vulnerability management process with your peers in HQ and other locations;
- Dive deep into the AWS control environment to develop broad domain and technical understanding of AWS control activities and implementation to articulate compliance to key stakeholders;
- Advice on security controls in the CI/CD delivery pipeline to ensure continuous security and compliance.
Please send us your recent CV + a cover letter for this role (both in English) together with your availability/planned vacations and all-in hourly rate VAT (BTW) excluded.