AWS DevSecOps & Compliance Cloud Consultant

Summary 

Vertical Relevance is looking for an AWS Security & Compliance Consultant, to join our team as a full-time employee in our work remotely. This person is responsible for the end-to-end planning, building, and deploying of software systems. He/she will be able to drive the programming of well-constructed, testable code. 

As an AWS Security & Compliance Consultant, you will implement technical solutions as part of a team for customer engagements. This role requires strong teamwork, communication, patience and organization skills needed to drive customer success.    

At Vertical Relevance we deliver with excellence through teamwork, automating everything, constantly learning and taking ownership for the outcomes our customers experience. Are you ready to join the team? 

Responsibilities 

• Help customers shape their journey to adopting the cloud and provide our customers with technical and strategic guidance on their “cloud journey”. 

• Consult, plan, design, and implement security solutions on the cloud customers 

  • Design and automate security and compliance solutions 

  • Become a deep technical resource that earns our customer's trust 

  • Develop high-quality technical content such as automation tools, reference architectures, and white papers to help our customers build on the cloud 

  • Innovate on behalf of customers and translate your thoughts into action yielding measurable results. 

• Support solution development by conveying customer needs and feedback as input to technology roadmaps. Share real world implementation challenges and recommend expansion of capabilities through enhanced and new offerings. 

  • Assist with technical briefs that document solutions 

  • Assist with reference architecture implementations 

• Support internal and external brand development through thought leadership: 

  • Work with Marketing/Alliances to write blog posts 

  • Work with Marketing/Alliances to develop internal case studies 

Qualifications  

• Professional experience architecting/operating automated Security & Compliance / DevSecOps solutions built on AWS 

• Experience in software/technology customer facing experience 

• You must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.

Sample Activities You’ll Do 

Creating a Self-Service Account Framework 

• Assist Customer with organizational hierarchy design and configuration templates 

• Assist Customer in the development of referenceable playbooks, supported by relevant code examples 

• Assist Customer in the development of sample runbooks to automate the implementation of AWS account setup and configuration 

  • Account Framework - Developing an automated Continuous Delivery Pipeline framework that will be used to establish AWS Accounts to configured, tested infrastructure on AWS in a repeatable, reliable and secure manner eliminating the need for manual intervention.

  • Security Control Policies - Development of the Service Control Policies and account baselines associated with the Customer’s security and compliance requirements 

• Assist Customer with the development of a report and supporting sample code addressing the controls as part of the playbook 

Creating Security Threat Analytics and Dashboard Solutions 

• Creating a framework to automatically gather, transform and interpret security event data in AWS. 

• Selecting, defining, identifying security requirements and determine where: 

  • Macie can be leveraged 

  • GuardDuty can be leveraged 

  • Inspector can be leveraged 

  • Security Hub can be leveraged 

  • Alternative security products can be leveraged 

• Codify the provisioning of security analytics and reporting workflow: 

  • Implement Security Hub with in a central account with inputs from all accounts 

  • Implement GuardDuty for global security events 

  • Implement Macie for detection of sensitive data in 23 buckets 

  • Develop AWS Config rules to enforce security configurations in CIS AWS Foundations standard 

  • Implementing Inspector to gather findings from EC2 instances 

  • Enable CloudTrail for monitoring API activity 

  • Enable FlowLogs for VPC traffic 

Creating a Self-Service Compliance Framework 

• Selecting tools for building Policy-as-Code controls (preventative, detective, and responsive) 

• Development of referenceable playbooks, supported by relevant code examples for controls 

• Development of sample runbooks to automate the implementation of controls: 

  • Policy Definition – Identification and documentation of Customer Policy in the form of specific statements that must be true about configuration of AWS resources 

  • Policy-as-Code Development – Development of the logical tests associated with each of the policies established to be used to assert the configuration state of infrastructure on AWS in order to block a build in the pipeline, take automated reactive action, or alert on violations to the policy 

  • Framework Development – A design allowing for the execution of logical tests against infrastructure code or running AWS infrastructure in order to assert the configuration state of infrastructure resources on AWS and block a build in the pipeline, take automated reactive action, or alert on violations to the policy 

• Development of a report and supporting sample code addressing the controls as part of the playbook 

Relevant Technical Tools 

• Primary Languages – Python, Java, Bash 

• Tooling, Services & Libraries – Jenkins, Gitlab, Terraform, Vault, Git, Splunk, OWASP, Trend Micro, Palo Alto, Fortify, Twistlock, Aqua Security 

Relevant AWS Services 

• AWS Infrastructure Scripting – CloudFormation, AWS CLI, AWS CDK 

• AWS Storage Services – S3 

• AWS Compute Services – Lambda, EC2, EKS, ECS, ECR

• AWS Networking Services – VPC, Route53,  API Gateway, Direct Connect 

• AWS Developer Services – CodePipeline, CodeBuild, CodeCommit, CodeDeploy 

• AWS Management and Governance Services – Control Tower, Organizations, CloudWatch, Auto Scaling, Config, CloudTrail, Service Catalog, Systems Manager 

• AWS Security, Identity, Compliance Services – IAM, Inspector, KMS, Secrets Manager, Security Hub, Detective, GuardDuty, Macie, HSM, Certificate Manager, WAF & Shield, Firewall Manager, Detective 

• AWS Frameworks – Landing Zone 

The Company 

Vertical Relevance was founded to help business leaders drive value through the design and delivery of effective transformation programs across people, processes, and systems. Our mission is to help firms at any stage of their journey develop custom solutions for success and growth. We provide a full range of services from strategy and design through to implementation and training. Our collective industry expertise is our greatest asset - our professionals have an average of 20+ years’ experience within Financial Services, across Wealth Management, Asset Management, Insurance, and Banking. Within our Customer Experience practice, we add complementary industry expertise (technology and media) synergizing the most relevant and successful customer trends. We focus wholly on your success by first rigorously assessing your business and technology challenges, and then right-sizing solutions that provide a meaningful ROI. With our industry experts hitting the ground running and focusing on nimble, quality delivery, we can see rapid, tangible improvements with our clients in productivity and effectiveness. When it makes sense for your company, we leverage our product partnerships in the areas of CRM, Sales Acceleration, Predictive Analytics, Digital Knowledge Management, and Cloud Transformation. 

Vertical Relevance is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.