Responsibilities:

1. Collaborate with cross-functional teams to understand business requirements and design scalable and secure AWS solutions.
2. Architect, design, and implement cloud security solutions to protect sensitive information and ensure compliance with industry standards.
3. Provide expertise in identity and access management, encryption, network security, and other security-related AWS services.
4. Conduct security assessments including penetration tests and recommend enhancements to address vulnerabilities and mitigate risks.
5. Conduct regular system audits to identify vulnerabilities and ensure compliance with security standards.
6. Develop and maintain our incident response plan, including monitoring systems for anomalies and responding to security incidents.
7. Work closely with development and operations teams to integrate security controls into the CI/CD pipeline.
8. Stay up to date on industry best practices, AWS security features, and emerging threats to continually improve the security posture of our systems.
9. Develop and deliver security training and awareness programs to staff.
10. Assist in the creation and maintenance of security policies, procedures, and documentation.

Minimum Requirements:

1. CISSP certified.
2. Proven experience as a Cybersecurity Engineer with a focus on security in AWS.
3. In-depth knowledge of AWS services, including but not limited to EC2, S3, Lambda, IAM, VPC, KMS, Cloud Watch, and Cloud Trail.
4. Strong understanding of security principles, best practices, and standards in cloud environments.
5. Experience with designing and implementing secure, multi-tier, highly available architectures on AWS.
6. Ability to perform security audits on applications even though they are not hosted on the cloud.
7. Knowledge in fundamental database security and application security to address vulnerabilities such as Cross-Site Scripting, Cross-Site Request Forgery, SQL Injection, HTML Injection, etc.
8. Familiarity with compliance frameworks such as GDPR, HIPAA, and SOC 2.
9. Hands-on experience with security tools and technologies, such as AWS Security Hub, Guard Duty, and WAF.
10. Knowledge of disaster recovery, computer forensic tools, technologies, and methods.
11. Excellent communication and collaboration skills with the ability to explain complex security concepts to technical and non-technical stakeholders.
12. Other certifications such as CISM, CEH, Comp TIA Security+, or similar will be advantageous.