AWS Expert Architect
AWS Expert Architect
Heredia, CR, 40101
Job description_
A day in this role_
- Serve as the security architect for AWS-hosted public applications, setting standards for edge security, identity, segmentation, observability, and resilient application design.
- Influence enterprise cloud strategy by balancing security, scalability, developer experience, and operational efficiency across public-facing application environments.
- Collaborate with cloud architects and DevOps teams to identify and remediate cloud misconfigurations, enforce security policies, and maintain secure cloud infrastructure for hosting web applications.
- Develop strategies to implement Web Application Firewalls (WAF), Cloud Native Application Protection Platforms (CNAPP) and Cloud Security Posture Management (CSPM) tools and integrate into the organization's security framework.
- Evaluate emerging AWS services and security capabilities, translating them into practical design patterns and governance controls for internet-exposed platforms.
- Establish application development security guidelines and best practices utilizing industry-standard security frameworks. Define, document and enforce clear guidelines for secure coding, vulnerability management, incident response, and application security.
- Act as the Subject Matter Expert (SME) in application security during enterprise project development phases, providing security consulting, recommendations, and ensuring adherence to approved security requirements.
- Collaborate with developers and software teams to embed security at every stage of the SDLC.
- Identify, prioritize, and devise mitigation strategies for application security vulnerabilities, implementing preventative measures to avoid future incidents.
- Integrate security tools, processes, and automation into the DevOps pipeline to enhance efficiency and scalability (DevSecOps).
- Develop robust security requirements for authentication and authorization, including credential storage, privilege management, and adherence to role- and attribute-based access control standards.
- Regularly monitor the security community for public-facing vulnerabilities, emerging threats, and new tactics to secure data transmissions and reduce attack exposure.
- Stay updated on the latest security trends, tools, and technologies.
- Attend and actively participate in application projects, change management meetings, and cross-functional discussions to ensure security is integrated from the outset.
- Align with architects and development teams to promote secure design and data integrity preservation across users, applications, and infrastructure.
- Foster the growth of application security champions within development teams to build a culture of security awareness and accountability.
- Lead and participate in security team meetings to facilitate secure design and development practices.
- Develop strong relationships with stakeholders to ensure ongoing commitment to security initiatives.
- Actively engage in information security projects to evaluate existing security infrastructure and proposed changes, as defined by security leadership and software architects.
The expertise requested_
- 3+ years of work experience in cybersecurity, especially in a web application security engineer or security architect role
- 3+ years of work experience securing deployment and configuration of web applications in an AWS environment
- 3+ years’ experience in performing penetration testing, secure code review, static, dynamic and manual source code review
- 3+ years’ experience in identifying and remediating common web application vulnerabilities such as OWASP
- 3+ years hands-on experience with Web Application Scanning Tools
- Proficient in software development (Java, Python, C#, etc.)
- Experience with web development technologies and frameworks (REST, JSON, XML, JavaScript, React, etc.)
- Experience with securing intra-company and third-party APIs.
- DevOps background in public and private clouds.
- Experience in implementing Web Application Firewalls (WAF)
- Experience with CNAPP and CSPM tools
- Solid understanding of network and web protocols.
- Experience with technical documentation
- Proven excellence in communicating business risk from cybersecurity topics.
- Excellent communication and collaboration skills to work effectively with cross-functional teams.
- Bachelor’s degree, preferably in a technical, scientific, or analytical discipline.
- Candidates must be eligible to work in the US without sponsorship.
Desired or nice to have expertise_
- At least 5+ years’ experience in cybersecurity preferred, including compliance and risk management with system and application security engineering.
- Experience with one or more of the following: ISO 27001, NIST, SOX, GDPR, CIS or SOC2.
- Cybersecurity training and certification: SANS certifications (GWEB, GSEC), CISSP, CCSP and/or CSSLP, OSCP (and related).
- 2+ years’ experience with SQL, KQL or Splunk
Our Core values are focus to inclusion and diversity, all qualified applicants will be considered for employment and will go thru a fair recruitment process regardless of their race, religion, gender identity, sexual orientation, national origin or disability status.
Your journey with us begins here!!