DevSecOps Consultant

Career Opportunity: Job Title: DevSecOps Consultant About CodeForce 360 Making a career choice is amongst the most critical choices one can make, and it's important for the choice to be calculated with factors such as a company's run of success since its inception and more. But, when you come across a company that has reputation proven with nothing but an illustrious run of success since the day it began, you don't need to think of anything else. That's precisely what some of our employees and prospective employees think when they came across CodeForce 360. Position Overview DevSecOps Consultant Requirements:

• This role will be a DevSecOps role that focuses on execution and implementation in an AWS cloud environment.
• This person will be working with both the DevOps and development teams to implement security controls that are defined by our security organization for our AWS environments.
• Our AWS environment consists of multiple AWS accounts, 20+ VPCs, 1700+ instances, and several hundred DynamoDB tables and Lambda functions.
• This person must be a self-starter and not require much supervision since they will be working remotely.
• There will be interaction with other teams for coordination and information gathering, but the overwhelming percentage of time will be spent in researching the appropriate solution and implementation.
• Implementation of these security controls will require strong skills in automation as all controls must be implemented via automation (either CloudFormation or configuration management tools).
• While this role is focused on AWS security, some general operational knowledge is required as well as many of our applications in AWS integrate with on-prem applications.
• Some examples of the responsibilities will include:
• Receiving requirements for implementing a security control, researching the proper solution, coordinating the implementation via change management procedures, and implementing the solution.
• Log Analysis - Our organization uses Splunk and all applications log to Splunk, so it will be common to analyze logs to look for potential threats.
• Implementing IAM access via IAM roles. This will involve using tag-based authorization and other security practices for following least-privileged principals for securing access to AWS services such as API Gateway, Lambda, S3, DynamoDB, CloudFormation, etc.
• OS hardening - Implementing security controls for both Linux and Windows EC2 instances.
• Application hardening - Implementing secure configurations for application tools such as nginx, IIS, custom application and middleware servers, etc.
• Creating CloudFormation stacks for resources such as KMS Keys, S3 buckets, IAM policies, and other AWS resources.
• Creating automated audit processes for identifying insecure configurations.
• Analyzing results from Nessus scans and identifying solutions for securing custom applications and databases.

• Strong communication and documentation skills for working with various teams.
• Cloud Security - general best practices for AWS.
• Strong application security knowledge.
• AWS Security - IAM, TLS, ACM, KMS, security groups, NACLs, and GuardDuty.
• Git - implementation of controls is done via automation, we use a git-backed SCM.
• Automation - must have strong scripting knowledge in either PowerShell or Python, and configuration management knowledge with either Puppet or Ansible.
• OS knowledge in both Linux (Ubuntu and RedHat) and Windows.
• Web and application server working knowledge for nginx and IIS.