AWS Security Engineer

Details of the offer

Job Title: AWS Security Engineer

BAE Systems Digital Intelligence is home to 4,500 digital, cyber, and intelligence experts.
We work collaboratively across 10 countries to collect, connect, and understand complex data, so that governments, nation states, armed forces, and commercial businesses can unlock digital advantage in the most demanding environments.
We are looking for a talented and enthusiastic individual with excellent technical and client-facing skills to act as an AWS security engineer who can design and deploy 3rd party security applications as code, integrate them with native AWS tools, and maintain and configure those tools.
3rd party integration will include tools such as Splunk, JIRA ITSM, and Cribl Stream.
The individual will need to be able to maintain and configure GuardDuty, CloudWatch, CloudTrail, VPC, AWS Config, Security Hub, Detective, Security Lake, Inspector, and Audit Manager as a minimum.
They will also be responsible for working with wider engineering and development teams to design and deploy security monitoring solutions in AWS and integrating across multi-cloud and on-premise networks.
This role is situated within our National Security & Government Business, based in Canberra, with substantial time on client site.
The role will require a government security clearance at NV2 minimum, but candidates will be expected to undergo PV.
The company supports individuals' career development and has a wide range of opportunities to develop further into cloud implementation, solution architecture, and broader security consulting, depending on the aspirations and skills of the successful candidate.
Responsibilities:
The role is an AWS developer who can deploy infrastructure and applications as code, configure them, and integrate with native AWS security tools.
Design and deploy AWS security services, apply security controls, and check compliance against a range of security standards.
Develop, test, and deploy security tools as code onto AWS via AWS pipelines on EC2 instances and integrate applications with identity management solutions.
Security applications such as Splunk, JIRA ITSM, and CTI tools.
Design, implement, and manage log collection and onboarding activities onto AWS for SOC security tools (SIEM) from cloud and on-premise environments.
Oversee deployment/implementation activities ensuring that entry criteria are met, all planned activities are completed, and that rollback plans are initiated where required.
Identify use cases, plan development, deployment, testing, and release into production.
Liaise with product and platform teams to ensure that AWS security tools are configured, managed, maintained, and integrated with SOC security tools.
Review and approve all required documentation as part of a release or change including design, deployment, configuration, and administration guides.
Integrate solutions with vulnerability and asset and configuration management and other tools to enrich efficacy of the solution.

Requirements:

Technical:
Strong knowledge and experience in AWS configuration including EC2, S3, ELB, Kinesis, EKB, Docker, and Kubernetes.
Strong knowledge and experience in AWS deployment and deployed as code via pipelines for infrastructure and security applications.
Use and best practices around AWS core tooling including Config, Investigator, IDAM, etc.
Strong relationship with regional AWS staff helpful.
Strong knowledge of how AWS security functions work as security controls as well as detection tools to protect large cloud estates; produce content and playbooks on AWS and Splunk to detect security breaches and recognize the importance of threat-led Use Cases.
Knowledge of SIEM/SOAR tools (Splunk and Sentinel at a minimum) and other appropriate tooling, e.g. SOAR, Threat Intelligence, traffic analysis tools, etc., to identify signs of an intrusion, and advise where new/improved tooling could enhance the SOC operation.
Deep knowledge and experience of operational ICT service delivery management.
Working with a range of security tooling/technology.
Strong understanding of security architecture, in particular networking.
Detailed understanding of threat intelligence and threat actors, TTPs, and operationalizing threat intelligence.
Understand TCP/IP component layers to identify normal and abnormal traffic.
Experience of Splunk (with ES) &/or Sentinel.

Non-technical:
Client-side consulting, including stakeholder engagement and the ability to communicate insights and concepts to others (including briefing skills and report writing).
Coaching mindset – help and mentor team.
Security process development.
Able to understand and adapt to different cultures and hierarchical structures.
Self-starter and capable of independent working.
Team player and adept at working in multi-disciplinary and diverse teams.

Communication:
Ability to write concisely and clearly in simple language.
Ability to speak clearly and accurately in English.

Interpersonal:
Ability to build and maintain relationships with various stakeholders.
Ability to talk competently and maintain high standards of behavior with the client.
Ability to work in a multi-cultural environment.
Ability to maintain confidentiality and deal with matters of national security.
Ability to maintain high standards and provide challenging feedback even when it will be perceived negatively.
It is imperative that the individual can complete their tasks with minimal direction.
Ability to work collaboratively.
Self-awareness and understanding of your own strengths and weaknesses.
Good time and schedule management.
Adaptability to react to rapid changes.

Motivation:
Able to motivate groups and individuals at various levels of knowledge and experience.
Self-starter with the ability to maintain self-motivation.
Able to manage and recognize signs of stress.
A positive attitude, positive outlook, and an active team leader/member.
Utilizing a common sense approach and maintaining a level head when faced with unusual requests.
The individual needs to be able to maintain discretion and be highly trustworthy.

We are embracing Hybrid Working.
This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day.
Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence.
We are proud to have an organizational culture where employees with varying perspectives, skills, life experiences, and backgrounds – the best and brightest minds – can work together to achieve excellence and realize individual and organizational potential.
Division overview: Capabilities

At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defense industry, and Capabilities is the engine that keeps the business moving forward.
It is the largest area of Digital Intelligence, containing our Engineering, Consulting, and Project Management teams that design and implement the defense solutions and digital transformation projects that make us a globally recognized brand in both the public and private sector.
As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever-changing digital world.
We all have a role to play in defending our clients, and this is yours.



Nominal Salary: To be agreed

Source: Jobleads
