- Architect and provide guidance, and direction in the design, develop and implement automated solutions, based on a set of standards and processes, that enable Wolters Kluwer Technical and DevOps teams to easily consume security and compliance services delivered by the Global Information Security.
- Collaborate and support Wolters Kluwer Technology Engineers, Architects, and teams in implementing a comprehensive cloud and application security program with a focus on DevOps and Cloud environments.
- Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines.
- Architect automated security and compliance services which support DevOps processes and other Cloud environments.
- Review code, which are used to support infrastructure as code, work with mutable and immutable environments, and build the supporting automated toolsets necessary to support the secure continuous delivery pipeline.
- Integrate security practices across the continuous delivery pipeline to provide a comprehensive automated cloud and application security solution from the epic definition, development, test and deploy of WK Applications within Azure, AWS and Softlayer environments.
- Create and maintain of DevOps and Cloud security standards by creating templates and patterns for ease of use and increase the productivity of the security program
Skills and Competencies:
- Deep understanding of Cloud Services for Amazon Web Services (AWS), Azure and Softlayer. Including, but not limited to, Infrastructure as a Service (VPC/VNET, EC2/Virtual Machines, Security Groups, Network ACL, ELB/ALB/NLB, etc), Platform as a Service (EBS/S3/Blob, Database, Route53, CDN, etc), Serverless Services (Lambda/Functions, etc), Micro Services (Docker, ECS, etc), Security Services (GuardDuty, WAF, HSM, KMS, etc)
- Extensive experience with automation systems, and version control systems such as, but not limited to Saltstack, Ansible, Jenkins, Terraforms, CloudFormation, Puppet, GIT, Bitbucket, AWS/Azure management tools - AWS Config, CloudTrail, CloudWatch, Systems Manager, Trusted Advisor, Security Center etc)
- Experience with scripting and coding using, but not limited to, Python, or PowerShell, Bash
- Proficiency with AWS and Azure CLI and SDKs.
- Working knowledge of IP networking, VPNs, DNS, load balancing and firewalling
- Experience building infrastructure as code using AWS CloudFormation, Terraform or similar automated techniques
- Experience in documenting security controls for DevOps and Cloud environments using industry standard guidelines such as Center for Internet Security (CIS), Cloud Security Alliance (CSA) in conjunction with business requirements
- Knowledge of current and emerging DevOps and Cloud security trends.
- A professional certification in an information security domain such as CISSP, CISM, or CISA preferred but not required.
- Ability to work within an agile project management methodology.
Regards,
Azad Alam
IDC Technologies, Inc.
Work: 806-452-3994
Mailto: azad.a@idctechnologies.com