In this role, you will be responsible for ensuring the security, compliance, and resilience of our infrastructure and applications. You will work closely with cross-functional teams to monitor, respond to, and remediate security incidents across our cloud-native ecosystem.
Responsibilities:
Security Monitoring & Incident Response
- Oversee and respond to alerts from AWS GuardDuty, ensuring timely investigation and remediation of incidents.
- Execute security playbooks to handle alerts, and enhance them based on evolving threats and operational insights.
Vulnerability & Patch Management
- Coordinate the identification and application of security patches across GitLab, AWS, and Kubernetes components.
- Ensure that our infrastructure remains resilient to new vulnerabilities through regular patch cycles and proactive risk assessments.
Log Analysis & SIEM Management
- Conduct weekly SIEM reviews to analyze security logs, detect anomalies, and escalate issues as necessary.
- Collaborate with the SecOps team to refine monitoring strategies and alerting thresholds.
Reporting & Documentation
- Prepare monthly SecOps reports summarizing incident trends, response actions, and areas for improvement.
- Maintain and update documentation related to security processes, incident response, and playbooks.
Collaboration & Continuous Improvement
- Work closely with development, operations, and other security teams to integrate security best practices into CI/CD pipelines and cloud deployments.
- Proactively contribute to security strategy discussions, sharing insights and recommendations for enhanced security posture.
Requirements:
- Proven experience managing cloud security, particularly within AWS environments (including GuardDuty, IAM, and other AWS security services).
- Solid background in securing Kubernetes clusters (preferably on EKS) including experience with container security best practices.
- Experience with SIEM tools and log analysis for threat detection.
- Proficiency in applying security patches and vulnerability management across cloud and containerized environments.
- Familiarity with CI/CD pipelines (GitLab or equivalent) and integrating security into DevOps practices.
- Hands-on experience with incident response, including following and refining security playbooks.
- Working knowledge of networking, encryption, and other fundamental security concepts.
- Security certifications for AWS (such as AWS Certified Security Specialty) and Kubernetes (such as Certified Kubernetes Security Specialist or equivalent) are highly desirable.