Description

Responsibilities:

  • Design and Implement Cloud DMZ Architectures: Build secure DMZ environments in AWS using services such as VPC, Transit Gateway, NACLs, Security Groups, AWS Network Firewall, WAF, and Application Load Balancers.
  • Secure External Access Points: Configure ingress and egress traffic flow, including NAT Gateways, VPC endpoints, and firewall rules for external-facing applications and services.
  • Cloud Networking Expertise: Create and manage VPC peering, route tables, subnets, and VPN/Direct Connect integrations, ensuring secure and efficient communication across hybrid environments.
  • Threat Mitigation & Monitoring: Implement logging, monitoring, and alerting using tools like AWS CloudWatch, GuardDuty, Security Hub, and custom Lambda automation for DMZ-related events.
  • Compliance and Best Practices: Ensure that the DMZ configurations align with industry standards (e.g., NIST, CIS, ISO 27001) and internal security policies.
  • Collaboration and Documentation: Work closely with cloud architects, application owners, and InfoSec teams. Maintain up-to-date documentation for network topology, security configurations, and standard operating procedures.


Requirements:

  • 5+ years of experience in cloud infrastructure and security, with a focus on AWS
  • Strong understanding of network and perimeter security concepts (DMZ, firewalls, IDS/IPS, etc.)
  • Hands-on experience with AWS networking services and security tools
  • Deep knowledge of TCP/IP, DNS, HTTPS, and VPN technologies
  • Proficiency with Infrastructure as Code (IaC) tools such as Terraform or AWS CloudFormation
  • Familiarity with CI/CD pipelines and DevSecOps practices
  • AWS certifications (e.g., AWS Certified Advanced Networking, Security Specialty) preferred
  • Experience with hybrid cloud environments and on-prem to cloud migration
  • Background in regulated industries such as finance, healthcare, or government
  • Knowledge of Zero Trust Network Architecture (ZTNA) principles
  • Strong scripting skills (Python, Bash, etc.) for automation and orchestration
  • Must Have Qualifications: Strong understanding of networking and DMZ setup, ZTNA required, scripting skills with automation, Bash, Python, Cloud AWS, 3+ Palo Alto virtual firewall

Education

Any Graduate