Aws And App Vulnerability Manager (Remote)

We are seeking a Senior Vulnerability Management Specialist with strong expertise in AWS cloud security and application security. In this role, you’ll be responsible for ensuring the security of our applications and AWS infrastructure by identifying, assessing, and addressing vulnerabilities. You will collaborate with DevOps, development, and security teams of our client to implement best practices and remediation strategies.

Key Responsibilities:

Vulnerability Management & Security

• Conduct regular vulnerability scans and assessments on AWS infrastructure and applications.
• Prioritize vulnerabilities based on risk and coordinate with teams to address them.
• Implement and maintain AWS security best practices across services like EC2, S3, IAM, Lambda, and VPC.
• Monitor AWS environments for security threats and misconfigurations using tools like AWS Security Hub, Inspector, and GuardDuty.

Application Security

• Perform static and dynamic security testing (SAST/DAST) on applications.
• Review application architecture for security risks and work with development teams to integrate security into the Software Development Life Cycle (SDLC).

Incident Response & Remediation

• Respond to security incidents and conduct root cause analysis.
• Create and maintain playbooks for handling vulnerabilities and security incidents.

Compliance & Reporting

• Ensure compliance with standards like GDPR, HIPAA, PCI-DSS, or other relevant frameworks.
• Report vulnerability status and remediation efforts to leadership and auditors.

Required Skills & Tools:

• AWS Security: Deep knowledge of IAM, EC2, S3, Lambda, VPC security.
• Vulnerability Scanning Tools: Experience with tools like Wiz, Qualys, AWS Security Hub.
• Application Security Tools: Proficiency with SAST/DAST tools (e.g., Snyk, SonarQube).
• Container Security: Experience with Docker and Kubernetes.
• Strong understanding of OWASP Top 10, CWE, and secure coding practices.

Preferred Methodologies & Certifications:

• Security Frameworks: OWASP Top 10, STRIDE Threat Modeling.
• Certifications: AWS Certified Security Specialty, CISSP, CEH, or other relevant certifications.
• Experience with CI/CD pipelines and automating security processes.
• Familiarity with GDPR, HIPAA, PCI-DSS compliance.

How can you fit?

• 8+ years of experience in vulnerability management, AWS security, and application security.
• Hands-on experience with AWS services and vulnerability management tools.
• Proficiency with SAST/DAST tools and application security frameworks.
• Must be based in Mexico and able to work remotely for a US-based company.
• Strong collaboration skills with DevOps and development teams to ensure secure environments.

Benefits:

• 100% Remote.
• We are a US-based company, so no additional benefits are offered.
• Up to $30 USD per hour all inclusive