Back to jobs

SECURITY SPECIALIST

dikshatek-3
Contractmid

Job description

Position: Security Specialist Hiring: Contract based Location: Hanoi, Vietnam Working model: Remote - prefer base in Hanoi JD & Deliverables: below Man-day estimation: 38 Payment requirement: when all Deliverables are delivered and met expectations Tentative start month: July 2024 Scope Our client is a leading financial institution dedicated to providing innovative banking solutions. As we transition our on-premises infrastructure to the cloud, we seek a skilled Security Specialist to ensure our migration to AWS is secure and compliant with industry standards such as PCI DSS. The Security Specialist will play a crucial role in our cloud migration project, focusing on securing workloads and ensuring compliance with security standards. The ideal candidate will have extensive experience in AWS, a deep understanding of security practices, and knowledge of regulatory requirements, especially PCI DSS. Key Responsibilities: Lead, implement and maintain including Cloud Security Solutions from AWS, next generation firewalls, application firewall/DDoS, container security and the Web Application Firewall (WAF) the security strategy for migrating on-premises workloads to AWS. • On-Premises Assessment • Conduct risk assessments and vulnerability analyses to identify potential security threats. • Document all aspects of database management, including design, configuration, maintenance, and troubleshooting. • Strategy Development • Work with other Delivery team members to provide security input for Migration Strategy • Collaborate with stakeholders to align migration strategy with business objectives and technical requirements. • Migration • Configure, implement, and support security software/systems that will help ensure compliance in AWS cloud environments. Develop and enforce security policies and procedures to ensure compliance with PCI DSS and other relevant standards. • Collaborate with the cloud architecture team to design and implement secure cloud solutions. • Monitor and audit AWS environments to ensure continuous security compliance. • Respond to security incidents and guide mitigation strategies. • Stay updated with the latest security trends, threats, and technologies. • Testing and Quality Assurance • Perform sample runs and test data ingestion, processing • Create and execute test cases to validate data accuracy and performance • Performance Optimization • Monitor system performance and identify bottlenecks • Optimize Security configurations where needed • Transition to Client • Handover all necessary documentation and knowledge to the customer team • Assist with the transition process and provide ongoing support if required • Provide training and support to internal teams on cloud security best practices. Required Skills and Qualifications: • Technical Skills • Solutions Architect - Associate or Professional, AWS Security Speciality • Minimum of 4+ years experience in implementation and operationalizing cloud security solutions/infrastructure • Proven experience in migrating on-premises workloads to AWS. • In-depth knowledge of AWS services and security features. • Strong understanding of PCI DSS and experience ensuring compliance in cloud environments. • Proficiency in conducting security risk assessments and implementing mitigation strategies. • Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and encryption. • Relevant certifications such as AWS Certified Security Specialty, CISSP, CISM, or PCI Professional (PCIP) are highly desirable. • Preferred Skills: • Excellent problem-solving skills and the ability to work under pressure. • Knowledge of DevSecOps practices and tools. • Strong communication and interpersonal skills. • Ability to work collaboratively in a team environment. Project Deliverables • Migration : Successfully migrates the on-premises database to AWS. • Current State Assessment Report : A detailed comprehensive security strategy and conduct risk assessments for AWS migration. • Migration Strategy Document: A strategic roadmap for migrating on-premise applications to AWS Cloud, including timelines, resource requirements, and cost estimates. • Migration Plan: Detailed migration plans for each application, including AWS service selection, architecture design, and implementation steps. • Incident response plan for the AWS environment. • Risk Assessment and Mitigation Plan: Identification of potential challenges and risks, along with mitigation strategies. • Monitoring and audit reports to ensure continuous compliance and threat mitigation. • Migration Runbooks: Comprehensive runbooks for migration processes, including • Inventory list • pre-migration, migration, and post-migration steps. • Environment setup: Creation and configuration of the AWS environment, including database cluster, backup solution • Training and Knowledge Transfer Materials: Documentation to support training and knowledge transfer to internal teams and client personnel. • All document compliance with PCI DSS and other relevant security standards.