AWS Security Lead

Job Summary:

We are seeking an experienced and highly skilled AWS Security Lead with expertise in Threat Modeling to join our dynamic team. The ideal candidate will have a deep understanding of cloud security principles, threat modeling methodologies, and AWS security best practices. This individual will work closely with development, engineering, and security teams to proactively identify and mitigate potential threats in our cloud-based infrastructure.

The AWS Security Lead (Threat Modeling) will be responsible for conducting risk assessments, defining security requirements, and building threat models to guide security architecture and design in AWS environments. This role requires a strategic thinker with hands-on experience in AWS security, threat modeling, and a passion for securing cloud-native applications.

Key Responsibilities:

Threat Modeling & Risk Assessments

• Lead the development of threat models for AWS-based applications and infrastructure.
• Conduct regular threat assessments and risk analyses for new and existing systems.
• Collaborate with development, architecture, and DevOps teams to design security into the cloud-native architecture.
• Create detailed reports, diagrams, and other documentation to communicate threat models, risk levels, and mitigation strategies.

Security Architecture & Best Practices

• Define security requirements for cloud-based applications and infrastructure, ensuring alignment with AWS security best practices.
• Work closely with engineering teams to integrate security controls throughout the software development lifecycle (SDLC).
• Evaluate and recommend security tools, platforms, and frameworks for effective threat detection, prevention, and response.

Cloud Security Leadership

• Serve as the subject matter expert on AWS security and threat modeling methodologies.
• Provide guidance on cloud security principles, including identity and access management (IAM), data protection, network security, and incident response in AWS environments.
• Stay current on the latest cloud security trends, AWS security features, and emerging threats.

Collaboration & Cross-functional Communication

• Partner with other security leaders to ensure security considerations are integrated into all stages of development and deployment.
• Assist in building a culture of security awareness across engineering and operations teams.
• Lead workshops and training sessions to raise security awareness and improve threat modeling practices within the organization.

Incident Response & Vulnerability Management

• Lead post-incident reviews related to security breaches or vulnerabilities in AWS infrastructure.
• Assist in the identification and resolution of security vulnerabilities related to AWS resources.
• Collaborate with the Incident Response team to help identify root causes and implement lessons learned.

Required Qualifications:

Education:

• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications or equivalent practical experience is a plus.

Experience:

• 7+ years of experience in information security, with a focus on AWS cloud security, threat modeling, and risk management.
• Proven experience leading threat modeling exercises and designing secure systems within AWS.
• Proven experience with Wiz, Turbot, Custom Rego Policies, Custom Org Constraints, and AWS GraphQL.
• Deep knowledge of AWS security services (e.g., AWS IAM, VPC, KMS, GuardDuty, Security Hub, Inspector).
• Hands-on experience with cloud-native security tools, frameworks, and standards (e.g., CIS AWS Foundations Benchmark, NIST, OWASP).
• Experience with secure SDLC practices and DevSecOps methodologies.

Technical Skills:

• Strong knowledge of threat modeling methodologies (e.g., STRIDE, PASTA, OCTAVE).
• Familiarity with cloud-native security tools for monitoring, vulnerability management, and threat detection.
• Understanding of encryption, tokenization, and data protection strategies in the cloud.
• Expertise in IAM and access controls, including role-based access control (RBAC), policies, and permissions in AWS.

Certifications (Preferred):

• AWS Certified Security – Specialty.
• Certified Information Systems Security Professional (CISSP).
• Certified Cloud Security Professional (CCSP).
• Certified Information Security Manager (CISM).