SecOps Engineer (Security Specialist)
Infotrend, Inc. is seeking a dynamic SecOps Engineer (Security Specialist), someone who is passionate about developing and supporting our cloud-based SaaS platform. The ideal candidate is able to understand innovative technical concepts and has a great understanding of all critical information security domains.to add to our team. The tasks include, but are not limited to:
- Develops automated operations and is responsible for the design, development and support of all security services
- This role is looking for a key player to work closely with the development and DevOps teams as they design secure solutions meeting partner requirements.
- The Cybersecurity / SecOps Engineer will diagnose, document, and identify the necessary steps for establishing and maintaining a secure cloud and AWS environment.
- Key responsibilities include creating, configuring and maintaining:
- AWS Organizations Service Control Policies (SCP)
- Common AWS Identity & Access Management (IAM) roles and policies.
- Reviewing all Cloud and business unit IAM roles and policies to ensure least privilege configuration.
- Reviewing all Cloud and business unit Security Groups to ensure least privilege configuration.
- Coordinating access approval and review integration and operation with general SEC access approval and review systems.
- Providing secure AWS Key Management Service (KMS) Customer Managed Keys (KMS) via a Crypto Officer role.
- Ensuring that appropriate AD users are added to AD groups that permit federating into IAM roles.
- Secure remote access, Threat protection and vulnerability management.
- Maintaining and securing AWS root account credentials.
- Maintaining the System Security Plan and related documentation.
- Take an active role in the configuration and maintenance of a diverse range of security tools, with a focus on cloud environments.
- Implement Information Security across multiple teams and ensure systems are compliant with internal and regulatory security standards.
- Implement automated solutions to filter out false positives and identify events that truly need human intervention by leveraging scripting, AWS services, and other tools.
- Participate in the development of action plans to remedy findings from assessments, work with DevOps and Developers to remediate findings and when required provide solutions. Design and document system architecture and associated designs by analyzing requirements; constructing workflow charts and diagrams; studying system capabilities; writing specifications.
Requirements:
- Financial services experience
- Driven, creative thinker who is able to merge business and technical information
- Bachelor’s degree in Information Security, Computer Science, or a related field
- Minimum 7 years of experience within Information Security
- AWS project technical lead experience required, preferably client-facing and in the federal space
- Experience with application security
- Experience with network security
- Must be public trust eligible
- AWS Certified Security Specialty Certifications