Role : Python AWS Engineer
Location : Hybrid to Plano, TX, Mclean, VA
Contract : W2
Job Description
1 Requirement : CSPM At least 2 years of experience working with a Cloud Security Posture Management tool (Cloud Custodian, Wiz, Aqua Security, Prisma Cloud, etc)
2 and #3 Requirement : Python and AWS
Project Scope :
- Onboard and manage new cloud services, primarily from AWS, for the organization
- Partner with the cybersecurity risk team to analyze risks associated with new cloud services
- Implement detection and prevention measures using the tool Cloud Custodian This is a Cloud Security Posture Management tool
- Contribute to the open-source Cloud Custodian project by writing Python code to address gaps in the tool's capabilities as it pertains to AWS services needing onboard
- Manage a backlog of 50 cloud services that need to be recertified every 2 years if they win the Discover work they will need to do this for all of the AWS services not currently certified to their standards
- Ensure that changes to existing cloud services are properly assessed and addressed
Required Skill Set :
- Strong Python development skills for automation and tuning of
- Experience with AWS services and concepts, such as EC2, IAM, networking, and data sharing we are not needing a cloud engineer here.
We are needing someone who understands these services and the policies needing enforced surrounding their use
- Understanding of identity and access management (IAM) basics, including roles and policies
- Familiarity with DevOps and SecOps practices
- Ability to write code that interacts with cloud service APIs, particularly AWS API libraries
- Passion for security and a desire to work in a behind-the-scenes, "thankless" role that isn’t front end focused
- Preference for candidates with prior DevOps or cloud infrastructure experience
The ideal candidate would be someone strong working with Python and a strong background in cloud infrastructure and security.
The organization is particularly interested in candidates who have a passion for DevOps and SecOps, as this role is focused on protecting the enterprise infrastructure rather than building customer-facing applications.