Job Description: AWS Cloud Security SME
Job Title
AWS Cloud Security Subject Matter Expert (SME)
Job Summary
We are seeking a highly skilled AWS Cloud Security SME to secure, monitor, and automate enterprise cloud environments. This role focuses on strengthening AWS security posture, building advanced threat detection mechanisms, supporting SOC operations, and ensuring compliance through audit-ready evidence and automated controls.
Key Responsibilities
AWS Security Architecture
- Design secure AWS architectures across services like EC2, S3, RDS, Lambda, VPC
- Implement security controls aligned with AWS Well-Architected Framework (Security Pillar)
- Perform security reviews and hardening of cloud workloads
Web Application Security (WAF & Edge Protection)
- Design and implement AWS WAF protections for applications behind CloudFront / ALB
- Create and manage custom WAF rules (SQLi, XSS, IP filtering, rate limiting, bot mitigation)
- Integrate AWS WAF with AWS Shield for DDoS protection
- Continuously tune rules based on threat intelligence
Identity & Access Management (IAM)
- Implement IAM roles, policies, and least privilege principles
- Manage MFA, SSO, and federation
- Perform access reviews and privilege audits
Security Monitoring, SIEM Integration & SOC Operations
- Integrate AWS logs with SIEM platforms (Splunk, Sentinel, QRadar)
- Analyze logs from CloudTrail, VPC Flow Logs, CloudWatch, and WAF
- Support SOC operations including alert triage and incident handling
- Develop SIEM use cases and dashboards
Threat Detection & Incident Response
- Configure GuardDuty, Security Hub, Inspector, AWS Config
- Develop incident response playbooks
- Perform root cause analysis and remediation
Audit, Compliance & Evidence Management
- Support ISO 27001, SOC 2, PCI-DSS, GDPR audits
- Collect and maintain audit evidence from AWS environments
- Map AWS controls to CIS and NIST frameworks
- Automate evidence collection
Scripting, Automation & SOAR Integration
- Develop scripts using Python, Bash, PowerShell
- Automate security checks, compliance validation, and log analysis
- Build remediation workflows using Lambda, EventBridge, Step Functions
- Integrate with SOAR platforms
DevSecOps & Infrastructure Security
- Integrate security into CI/CD pipelines
- Use Terraform / CloudFormation securely
- Implement container security (EKS, Docker)
- Manage secrets using AWS Secrets Manager
Vulnerability & Configuration Management
- Perform scans using AWS Inspector, Qualys, Nessus
- Use AWS Config for compliance monitoring
- Remediate misconfigurations
Required Skills
- Strong AWS security expertise (IAM, WAF, GuardDuty, Security Hub, Config)
- Experience with SIEM tools and SOC environments
- Strong scripting skills (Python, Bash, PowerShell)
- Knowledge of compliance frameworks (ISO 27001, SOC 2, PCI-DSS, NIST, CIS)
Qualifications
- Bachelor's degree in Computer Science / IT / Cybersecurity
- 10+ years of experience in cybersecurity or cloud security
- Strong AWS hands-on experience
Certifications (Preferred)
- AWS Certified Security – Specialty
- AWS Certified Solutions Architect
Soft Skills
- Strong analytical and problem-solving abilities
- Effective communication skills
- Ability to work in high-pressure environments
Key Outcomes
- Improved AWS security posture
- Reduced vulnerabilities and incidents
- Successful audit compliance
- Faster incident response times