Key Responsibilities:
- Develop and maintain in-house open-source AWS scanner tools written in Python, deployed as AWS Lambdas, with full unit test coverage.
- Integrate compliance alerting tools with Slack and PagerDuty for real-time security notifications.
- Build and manage Python-based AWS Lambda tools for monitoring and alerting on AWS CloudTrail events, focusing on sensitive role assumptions and API activity.
- Manage multi-account AWS IAM roles and assess IAM security risks, including privilege escalation and Service Control Policies.
- Maintain internal open-source tools written in Go and Java, deployed as AWS Lambdas.
- Architect and implement AWS security services such as Session Manager, Config, and GuardDuty to enhance platform security posture.
- Collaborate with platform teams to identify and mitigate risks, conduct threat modelling, and provide security guidance.
- Assess CVEs and vulnerabilities for Linux and other software used within the platform.
Essential Skills & Experience:
- Expertise in AWS platform security and architecture.
- Proficiency in Python for developing AWS Lambda functions.
- Experience with Infrastructure as Code (IaC) and DevSecOps practices.
- Strong understanding of AWS IAM, CloudTrail, Config, GuardDuty, and Lambda.
- Knowledge of Bitwarden and integration with user management systems.
- Familiarity with CVE assessment and Linux security.
Desirable:
- Strong communication and stakeholder engagement skills.
- Experience in government or regulated environments.
- Ability to work independently and proactively in a remote-first team.