AWS Cloud Security Architect / Remote
Posted 5 days ago by 1760442012
Negotiable
Outside
Remote
USA
Summary: The AWS Cloud Security Architect role focuses on providing advisory services for cybersecurity standards specific to AWS IaaS, with a particular emphasis on SAP within that environment. The position involves collaboration between company and contractor personnel to ensure timely delivery of advisory services. The contractor will assist in drafting standards related to AWS IaaS security configurations, patching, vulnerability management, and identity and access management. Additional responsibilities may include supporting the development of a RACI for securing IaaS across platforms.
Key Responsibilities:
- Provide advisory services for securing AWS IaaS and drafting cybersecurity standards.
- Focus on SAP application security within AWS IaaS.
- Assist in drafting standards on AWS IaaS security configurations, patching, and vulnerability management.
- Support the development of a RACI for securing IaaS.
- Advise on various security domains and associated topics related to AWS IaaS.
Key Skills:
- Expertise in AWS IaaS security configurations.
- Knowledge of SAP application security on AWS.
- Experience with AWS IaaS patching and vulnerability management.
- Familiarity with Identity and Access Management (IAM) in AWS.
- Ability to develop RACI matrices for security processes.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
AWS Cloud Security Architect
Remote PST Preferred
Job Description
The primary objective is to provide advisory services for securing and drafting cybersecurity standards specific to AWS IaaS. SAP in AWS IaaS will be a specific focus for one of the drafted standards.
The project will be a collaboration between Company and Contractor personnel, working at the direction of the Company, to achieve the timely delivery of in-scope advisory services.
Should time allow the draft cybersecurity standards the Contractor will assist with include the following topics:
- AWS IaaS security-related configurations
- SAP application security on AWS IaaS
- AWS IaaS patching
- AWS IaaS vulnerability management
- AWS IaaS Identity and Access Management (IAM)
- Should time allow, Contractor will also support the development of a RACI (Responsible, Accountable, Consulted, Informed) pertaining to securing IaaS, regardless of platform, from prebuild through to run state.
- Should time allow, the Parties will focus their efforts, but shall not be limited by, the Security Domains and associated topics identified below when advising on securing AWS IaaS:
| Security Domain | Associated Topics | | --- | --- | | Identity and Access Management | User Permissions | | Enterprise Role Integrations | | Security Basics | | Policy Hygiene Audit | | Policy Hygiene Remediation | | Policy Hygiene Reporting | | Setup of SAP GRC Emergency Access Management and Firefighter IDs (if required) | | Configuration of parameters within the PAM solution in line with the design (session logging, account vaulting, and JIT provisioning) | | Connector between SAP and the PAM solution | | Test cases to validate SAP integration | | Deployment of the PAM tool to the Prod SAP environment | | Logging and Monitoring | Enablement of key logs | | AWS SIEM Integration | | SAP SIEM Integration | | Identification of security events and creation of alerts | | SOC/IR playbooks to respond to alerts | | Incident Responses | Response Plans | | Indicators of Compromise (IoCs) | | Tabletop Exercises | | Network & Platform Security | Instance egress policy | | Firewall policy | | Configuration monitoring | | Review and validation of SAP configuration | | Data Protection | | Vulnerability Management / Compliance & Governance | Vuln & Compliance Monitoring | | Vuln & Compliance Reporting | | Vuln & Compliance Remediation | | Deployment of technical guardrails to environment |