SECURITY SPECIALIST
dikshatek-3
Contractmid
Job description
Position: Security Specialist
Hiring: Contract based
Location: Hanoi, Vietnam
Working model: Remote - prefer base in Hanoi
JD & Deliverables: below
Man-day estimation: 38
Payment requirement: when all Deliverables are delivered and met expectations
Tentative start month: July 2024
Scope
Our client is a leading financial institution dedicated to providing innovative banking solutions. As we transition our on-premises infrastructure to the cloud, we seek a skilled Security Specialist to ensure our migration to AWS is secure and compliant with industry standards such as PCI DSS.
The Security Specialist will play a crucial role in our cloud migration project, focusing on securing workloads and ensuring compliance with security standards. The ideal candidate will have extensive experience in AWS, a deep understanding of security practices, and knowledge of regulatory requirements, especially PCI DSS.
Key Responsibilities:
Lead, implement and maintain including Cloud Security Solutions from AWS, next generation firewalls, application firewall/DDoS, container security and the Web Application Firewall (WAF) the security strategy for migrating on-premises workloads to AWS.
• On-Premises Assessment
• Conduct risk assessments and vulnerability analyses to identify potential security threats.
• Document all aspects of database management, including design, configuration, maintenance, and troubleshooting.
• Strategy Development
• Work with other Delivery team members to provide security input for Migration Strategy
• Collaborate with stakeholders to align migration strategy with business objectives and technical requirements.
• Migration
• Configure, implement, and support security software/systems that will help ensure compliance in AWS cloud environments. Develop and enforce security policies and procedures to ensure compliance with PCI DSS and other relevant standards.
• Collaborate with the cloud architecture team to design and implement secure cloud solutions.
• Monitor and audit AWS environments to ensure continuous security compliance.
• Respond to security incidents and guide mitigation strategies.
• Stay updated with the latest security trends, threats, and technologies.
• Testing and Quality Assurance
• Perform sample runs and test data ingestion, processing
• Create and execute test cases to validate data accuracy and performance
• Performance Optimization
• Monitor system performance and identify bottlenecks
• Optimize Security configurations where needed
• Transition to Client
• Handover all necessary documentation and knowledge to the customer team
• Assist with the transition process and provide ongoing support if required
• Provide training and support to internal teams on cloud security best practices.
Required Skills and Qualifications:
• Technical Skills
• Solutions Architect - Associate or Professional, AWS Security Speciality
• Minimum of 4+ years experience in implementation and operationalizing cloud security solutions/infrastructure
• Proven experience in migrating on-premises workloads to AWS.
• In-depth knowledge of AWS services and security features.
• Strong understanding of PCI DSS and experience ensuring compliance in cloud environments.
• Proficiency in conducting security risk assessments and implementing mitigation strategies.
• Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and encryption.
• Relevant certifications such as AWS Certified Security Specialty, CISSP, CISM, or PCI Professional (PCIP) are highly desirable.
• Preferred Skills:
• Excellent problem-solving skills and the ability to work under pressure.
• Knowledge of DevSecOps practices and tools.
• Strong communication and interpersonal skills.
• Ability to work collaboratively in a team environment.
Project Deliverables
• Migration : Successfully migrates the on-premises database to AWS.
• Current State Assessment Report : A detailed comprehensive security strategy and conduct risk assessments for AWS migration.
• Migration Strategy Document: A strategic roadmap for migrating on-premise applications to AWS Cloud, including timelines, resource requirements, and cost estimates.
• Migration Plan: Detailed migration plans for each application, including AWS service selection, architecture design, and implementation steps.
• Incident response plan for the AWS environment.
• Risk Assessment and Mitigation Plan: Identification of potential challenges and risks, along with mitigation strategies.
• Monitoring and audit reports to ensure continuous compliance and threat mitigation.
• Migration Runbooks: Comprehensive runbooks for migration processes, including
• Inventory list
• pre-migration, migration, and post-migration steps.
• Environment setup: Creation and configuration of the AWS environment, including database cluster, backup solution
• Training and Knowledge Transfer Materials: Documentation to support training and knowledge transfer to internal teams and client personnel.
• All document compliance with PCI DSS and other relevant security standards.