AWS Security & DevSecOps Roles & Responsibilities

 

·        Implemented AWS security best practices in various accounts like Test, UAT, Dev, Pre-prod, Prod, etc.

·        Automate security noncompliance, writing custom compliance rules & Monitoring excessive privileges.

·        Implemented initiative-taking & advanced initiative-taking controls in Aws accounts.

·        Analyze, investigate, and quickly identify the root cause of security findings or suspicious activities using native service Amazon Detective.

·        Managed and implemented various security services like IAM, 53-encryption, CloudTrail, KMS & KMS grants, Cloud­HSM, Cloud config, GuardDuty, Security Hub, Aws landing Zone, Aws-Inspector.

·        Discussed the vulnerabilities and its solution with developers, solution architect, and product managers.

·        Worked on networking security — DNS, Network (VPC/Subnets), VPN, Bastion Hosts, Security Groups, NACLS, ALB, WAF, DDoS

·        Implemented depth strategy for storage, Compute, Containers & EKS(Kubernetes) in AWS.

·        Identified vulnerabilities using Aws-inspector and determined gaps in the network from a best security standpoint in AWS cloud.

·        Created Security groups and whitelisting the IP's based on the request.

·      Securing the window from AWS and performing the Pentest.

·      Expert knowledge of AWS Cloud security architectures and infrastructure. _T

·      Designing, configuring, and/or developing security solutions for Aws environments using native services like (CioudTrail, KMS, GuardDuty, Security HUB, Inspector, Etc.)

·      Implementing IDS/IPS based solution for AWS Cloud.

·      Designing, and implementing multi-account strategies using AWS-Organization & Landing Zone.

·      Implementing security at AWS network level security(VPC, VPC-Endpoints, NACLS, SG's, Subnets, Transit VPC's, VPC peering, Etc.)

 DevSecOps --

·      Defining DevSecops strategies for clients.

·      Closely working with DevOps team, Developers & security-engineers team to implement security through pipeline.

·      Identified vulnerabilities and determined gaps in the network from a best security standpoint in AWS cloud.

·      Suggested remediation recommendations to mitigate identified vulnerabilities in DevSecops pipeline.

·      Provided comprehensive evaluation of overall application security & Infrastructure security posture in DevSecops.

·      Creating MSB (Minimum Security Baseline) for Aws Cloud.

·      Designing and creating process documents for Low risk/POC/test projects.

·      Writing automation scripts based on the re*rernent.