AWS DevSecOps /Security & Compliance Cloud Consultant

Remote Full-time
Summary
Vertical Relevance is looking for an AWS Security & Compliance Consultant, to join our team as a full-time employee in our work remotely. This person is responsible for the end-to-end planning, building, and deploying of software systems. He/she will be able to drive the programming of well-constructed, testable code.
As an AWS Security & Compliance Consultant, you will implement technical solutions as part of a team for customer engagements. This role requires strong teamwork, communication, patience and organization skills needed to drive customer success.
At Vertical Relevance we deliver with excellence through teamwork, automating everything, constantly learning and taking ownership for the outcomes our customers experience. Are you ready to join the team?
Responsibilities
Help customers shape their journey to adopting the cloud and provide our customers with technical and strategic guidance on their “cloud journey”.

Consult, plan, design, and implement security solutions on the cloud customers
Design and automate security and compliance solutions

Become a deep technical resource that earns our customer's trust

Develop high-quality technical content such as automation tools, reference architectures, and white papers to help our customers build on the cloud

Innovate on behalf of customers and translate your thoughts into action yielding measurable results.

Support solution development by conveying customer needs and feedback as input to technology roadmaps. Share real world implementation challenges and recommend expansion of capabilities through enhanced and new offerings.
Assist with technical briefs that document solutions

Assist with reference architecture implementations

Support internal and external brand development through thought leadership:
Work with Marketing/Alliances to write blog posts

Work with Marketing/Alliances to develop internal case studies

Qualifications
Professional experience architecting/operating automated Security & Compliance / DevSecOps solutions built on AWS Experience in software/technology customer facing experience

Knowledge of NIST 800-53, CIS, ·
Proficiency in policy-as-code frameworks (OPA) ·
Experience designing compliance-as-code strategies and custom controls (SCPs, Config Rules)
Strong audit-readiness advisory and evidence-collection expertise
Skilled in risk management, stakeholder alignment, and executive reporting
Familiarity with Agile project governance and backlog management
Lead discovery workshops to identify in-scope controls, services, and stakeholders
Sample Activities You’ll Do
Creating a Self-Service Account Framework
Assist Customer with organizational hierarchy design and configuration templates

Assist Customer in the development of referenceable playbooks, supported by relevant code examples

Assist Customer in the development of sample runbooks to automate the implementation of AWS account setup and configuration
Account Framework - Developing an automated Continuous Delivery Pipeline framework that will be used to establish AWS Accounts to configured, tested infrastructure on AWS in a repeatable, reliable and secure manner eliminating the need for manual intervention.

Security Control Policies - Development of the Service Control Policies and account baselines associated with the Customer’s security and compliance requirements

Assist Customer with the development of a report and supporting sample code addressing the controls as part of the playbook

Creating Security Threat Analytics and Dashboard Solutions
Creating a framework to automatically gather, transform and interpret security event data in AWS.

Selecting, defining, identifying security requirements and determine where:
Macie can be leveraged

GuardDuty can be leveraged

Inspector can be leveraged

Security Hub can be leveraged

Alternative security products can be leveraged

Codify the provisioning of security analytics and reporting workflow:
Implement Security Hub with in a central account with inputs from all accounts

Implement GuardDuty for global security events

Implement Macie for detection of sensitive data in 23 buckets

Develop AWS Config rules to enforce security configurations in CIS AWS Foundations standard

Implementing Inspector to gather findings from EC2 instances

Enable CloudTrail for monitoring API activity

Enable FlowLogs for VPC traffic

Creating a Self-Service Compliance Framework
Selecting tools for building Policy-as-Code controls (preventative, detective, and responsive)

Development of referenceable playbooks, supported by relevant code examples for controls

Development of sample runbooks to automate the implementation of controls:
Policy Definition – Identification and documentation of Customer Policy in the form of specific statements that must be true about configuration of AWS resources

Policy-as-Code Development – Development of the logical tests associated with each of the policies established to be used to assert the configuration state of infrastructure on AWS in order to block a build in the pipeline, take automated reactive action, or alert on violations to the policy

Framework Development – A design allowing for the execution of logical tests against infrastructure code or running AWS infrastructure in order to assert the configuration state of infrastructure resources on AWS and block a build in the pipeline, take automated reactive action, or alert on violations to the policy

Development of a report and supporting sample code addressing the controls as part of the playbook

Relevant Technical Tools
Primary Languages – Python, Java, Bash

Tooling, Services & Libraries – Jenkins, Gitlab, Terraform, Vault, Git, Splunk, OWASP, Trend Micro, Palo Alto, Fortify, Twistlock, Aqua Security
Python AWS security services (Control Tower, Security Hub, GuardDuty, AWS Config, Audit Manager) OPA, CloudFormation-guard
Knowledge of NIST 800-53, CIS, ·
Proficiency in policy-as-code frameworks (OPA) ·
Experience designing compliance-as-code strategies and custom controls (SCPs, Config Rules) · Strong audit-readiness advisory and evidence-collection expertise ·
Skilled in risk management, stakeholder alignment, and executive reporting ·
Familiarity with Agile project governance and backlog management

Relevant AWS Services
AWS Infrastructure Scripting – CloudFormation, AWS CLI, AWS CDK

AWS Storage Services – S3

AWS Compute Services – Lambda, EC2, EKS, ECS, ECR

AWS Networking Services – VPC, Route53, API Gateway, Direct Connect

AWS Developer Services – CodePipeline, CodeBuild, CodeCommit, CodeDeploy

AWS Management and Governance Services – Control Tower, Organizations, CloudWatch, Auto Scaling, Config, CloudTrail, Service Catalog, Systems Manager

AWS Security, Identity, Compliance Services – IAM, Inspector, KMS, Secrets Manager, Security Hub, Detective, GuardDuty, Macie, HSM, Certificate Manager, WAF & Shield, Firewall Manager, Detective

AWS Frameworks – Landing Zone

The Company
Vertical Relevance was founded to help business leaders drive value through the design and delivery of effective transformation programs across people, processes, and systems. Our mission is to help firms at any stage of their journey develop custom solutions for success and growth. We provide a full range of services from strategy and design through to implementation and training. Our collective industry expertise is our greatest asset - our professionals have an average of 20+ years’ experience within Financial Services, across Wealth Management, Asset Management, Insurance, and Banking. Within our Customer Experience practice, we add complementary industry expertise (technology and media) synergizing the most relevant and successful customer trends. We focus wholly on your success by first rigorously assessing your business and technology challenges, and then right-sizing solutions that provide a meaningful ROI. With our industry experts hitting the ground running and focusing on nimble, quality delivery, we can see rapid, tangible improvements with our clients in productivity and effectiveness. When it makes sense for your company, we leverage our product partnerships in the areas of CRM, Sales Acceleration, Predictive Analytics, Digital Knowledge Management, and Cloud Transformation.
Vertical Relevance is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

Apply To This Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Part-Time Apple Customer Support Specialist – Remote Customer Service Representative (Flexible Work From Home)

Remote

Experience Designer, Offline Design

Remote

HVAC/R Service Technician - Light Commercial

Remote

**Experienced Part-Time Remote Data Entry Clerk – Career Growth Opportunities in IT and Customer Service**

Remote

Manager, Contact Center Operations job at Jerry Insurance Agency in US National

Remote

Customer Service Representative

Remote

Associate Director, Project Manager

Remote

Experienced Part-Time Data Entry Specialist – Evening Shift

Remote

[Hiring] Apheresis Telerecruitment Representative @American Red Cross

Remote

VP, Global Applied Intelligence

Remote
← Back