AWS DevSecOps Lead (Policy Development & Mapping) - AWS, Rego Policy

Photon
United Kingdom
GBP 40,000 - 60,000
Job Description

Introduction:

We are seeking a highly skilled and experienced AWS DevSecOps Lead with a strong background in policy development and security mapping to join our dynamic team. The ideal candidate will be responsible for driving security initiatives within our AWS cloud environment, ensuring compliance with security policies, and integrating security throughout the DevOps pipeline. As a leader in our DevSecOps team, you will be instrumental in enhancing our cloud security posture while driving automation, policy development, and adherence to industry best practices.

Key Responsibilities:

Policy Development & Mapping:
  • Lead the creation, development, and enforcement of security policies across the AWS cloud environment, ensuring compliance with organizational standards and regulatory requirements.
  • Develop security policy mappings and frameworks (e.g., CIS, NIST, ISO 27001) to align with cloud-native services and DevOps workflows.
  • Design and implement automated policy checks, audits, and remediation actions to maintain continuous security compliance.

Cloud Security Architecture:
  • Collaborate with architecture and engineering teams to design, implement, and review secure AWS cloud infrastructure, ensuring it aligns with security best practices and standards.
  • Conduct security assessments, threat modeling, and risk analysis of AWS environments to identify and mitigate vulnerabilities.
  • Maintain a deep understanding of AWS services, security features, and emerging threats.

DevSecOps Integration:
  • Drive the integration of security controls into the CI/CD pipeline to ensure secure code development and deployment processes.
  • Automate security testing and vulnerability scanning within the DevOps pipeline.
  • Work closely with developers to integrate security into the application lifecycle, providing guidance on secure coding practices, access control, and threat mitigation.

Compliance and Auditing:
  • Ensure compliance with internal and external regulatory requirements (e.g., GDPR, HIPAA, SOC 2) within the AWS cloud infrastructure.
  • Lead periodic audits and assessments of AWS environments, security policies, and controls to ensure continued compliance and risk mitigation.
  • Maintain up-to-date knowledge of AWS security tools, compliance frameworks, and industry regulations.

Leadership & Collaboration:
  • Lead a team of security professionals and provide guidance on best practices for AWS cloud security, automation, and policy enforcement.
  • Collaborate cross-functionally with DevOps, engineering, product teams, and security teams to embed security within the software development lifecycle.
  • Promote a security-first culture and drive continuous improvement in cloud security practices.

Incident Response & Risk Management:
  • Act as the primary contact for incident response and remediation related to AWS cloud security vulnerabilities, policy violations, and security breaches.
  • Lead post-incident analysis and ensure lessons learned are incorporated into security policies and automation processes.

Qualifications:
  • Education: Bachelor's or Master's degree in Computer Science, Information Security, Engineering, or a related field.
  • Experience:
    • 7+ years of experience in cloud security, DevSecOps, or a related security domain.
    • 3+ years of hands-on experience in designing and implementing AWS cloud security solutions (e.g., IAM, VPC, KMS, CloudTrail, GuardDuty, etc.).
    • Proven experience in policy development, compliance mapping, and governance frameworks (CIS, NIST, ISO, etc.).
    • Expertise in DevSecOps practices, CI/CD pipeline integration, and automation of security testing (e.g., SAST, DAST, IaC scanning).
    • Experience with infrastructure-as-code (IaC) tools such as Terraform, CloudFormation, or similar.
    • Strong knowledge of security protocols, risk management, and incident response.
  • Certifications:
    • AWS Certified Security - Specialty (or equivalent).
    • Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or equivalent preferred.
    • Additional certifications in security frameworks (e.g., ISO 27001, NIST) are a plus.

Technical Skills:
  • AWS: In-depth knowledge of AWS services (EC2, Lambda, S3, RDS, VPC, IAM, KMS, GuardDuty, etc.) and security features.
  • Security Tools: Experience with cloud security tools such as Prisma Cloud, AWS Config, CloudTrail, AWS Shield, and third-party security solutions.
  • Programming & Scripting: Proficient in at least one programming language (e.g., Python, Bash, Go) for automating security tasks and integrating security checks in CI/CD pipelines.
  • Compliance & Risk Management: Strong understanding of regulatory frameworks (e.g., GDPR, SOC 2, HIPAA) and ability to map them to AWS cloud security practices.

Soft Skills:
  • Strong leadership and team management abilities.
  • Excellent communication skills, both written and verbal, with the ability to explain complex security concepts to non-technical stakeholders.
  • Problem-solving mindset with attention to detail and the ability to make data-driven decisions.
  • Ability to thrive in a fast-paced, collaborative, and agile work environment.