Security Specialist
Job Description:
Position: Security Specialist
Hiring: Contract based
Location: Hanoi, Vietnam
Working model: Remote - prefer base in Hanoi
JD & Deliverables: below
Man-day estimation: 38
Payment requirement: when all Deliverables are delivered and met expectations
Tentative start month: July 2024
Scope
Our client is a leading financial institution dedicated to providing innovative banking solutions. As we transition our on-premises infrastructure to the cloud, we seek a skilled Security Specialist to ensure our migration to AWS is secure and compliant with industry standards such as PCI DSS.
The Security Specialist will play a crucial role in our cloud migration project, focusing on securing workloads and ensuring compliance with security standards. The ideal candidate will have extensive experience in AWS, a deep understanding of security practices, and knowledge of regulatory requirements, especially PCI DSS.
Key Responsibilities:
Lead, implement and maintain including Cloud Security Solutions from AWS, next generation firewalls, application firewall/DDoS, container security and the Web Application Firewall (WAF) the security strategy for migrating on-premises workloads to AWS.
- On-Premises Assessment
- Conduct risk assessments and vulnerability analyses to identify potential security threats.
- Document all aspects of database management, including design, configuration, maintenance, and troubleshooting.
- Strategy Development
- Work with other Delivery team members to provide security input for Migration Strategy
- Collaborate with stakeholders to align migration strategy with business objectives and technical requirements.
- Migration
- Configure, implement, and support security software/systems that will help ensure compliance in AWS cloud environments. Develop and enforce security policies and procedures to ensure compliance with PCI DSS and other relevant standards.
- Collaborate with the cloud architecture team to design and implement secure cloud solutions.
- Monitor and audit AWS environments to ensure continuous security compliance.
- Respond to security incidents and guide mitigation strategies.
- Stay updated with the latest security trends, threats, and technologies.
- Testing and Quality Assurance
- Perform sample runs and test data ingestion, processing
- Create and execute test cases to validate data accuracy and performance
- Performance Optimization
- Monitor system performance and identify bottlenecks
- Optimize Security configurations where needed
- Transition to Client
- Handover all necessary documentation and knowledge to the customer team
- Assist with the transition process and provide ongoing support if required
- Provide training and support to internal teams on cloud security best practices.
Required Skills and Qualifications:
- Technical Skills
- Solutions Architect - Associate or Professional, AWS Security Speciality
- Minimum of 4+ years experience in implementation and operationalizing cloud security solutions/infrastructure
- Proven experience in migrating on-premises workloads to AWS.
- In-depth knowledge of AWS services and security features.
- Strong understanding of PCI DSS and experience ensuring compliance in cloud environments.
- Proficiency in conducting security risk assessments and implementing mitigation strategies.
- Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and encryption.
- Relevant certifications such as AWS Certified Security Specialty, CISSP, CISM, or PCI Professional (PCIP) are highly desirable.
- Preferred Skills:
- Excellent problem-solving skills and the ability to work under pressure.
- Knowledge of DevSecOps practices and tools.
- Strong communication and interpersonal skills.
- Ability to work collaboratively in a team environment.
Project Deliverables
- Migration: Successfully migrates the on-premises database to AWS.
- Current State Assessment Report: A detailed comprehensive security strategy and conduct risk assessments for AWS migration.
- Migration Strategy Document: A strategic roadmap for migrating on-premise applications to AWS Cloud, including timelines, resource requirements, and cost estimates.
- Migration Plan: Detailed migration plans for each application, including AWS service selection, architecture design, and implementation steps.
- Incident response plan for the AWS environment.
- Risk Assessment and Mitigation Plan: Identification of potential challenges and risks, along with mitigation strategies.
- Monitoring and audit reports to ensure continuous compliance and threat mitigation.
- Migration Runbooks: Comprehensive runbooks for migration processes, including
- Inventory list
- pre-migration, migration, and post-migration steps.
- Environment setup: Creation and configuration of the AWS environment, including database cluster, backup solution
- Training and Knowledge Transfer Materials: Documentation to support training and knowledge transfer to internal teams and client personnel.
- All document compliance with PCI DSS and other relevant security standards.
Required Skills:
Test Data Mitigation Handover Estimates Firewalls Regulatory Requirements Steps Assurance Hiring Risk Assessment Timelines Test Cases Deliverables Features Architecture Optimization Interpersonal Skills Quality Assurance Banking Infrastructure Strategy Troubleshooting Security Materials Pressure Documentation Software Testing Maintenance Design Business Communication Training Management