About
Location: Irvine, CA - onsite
AWS IAM, WAF, KMS, CloudTrail, GuardDuty "" Lead cloud security architecture for the Data Center Exit migration to AWS EC2.
" Design and implement AWS Landing Zone security including IAM guardrails, SCPs, and logging.
" Conduct application and infra vulnerability assessments and define remediation plans.
" Implement WAF rules, firewall policies, secure segmentation, and endpoint protection.
" Validate authentication, authorization, and encryption models for all migrated workloads.
" Support secure deployment practices, code reviews, and remediation of development gaps.
" Integrate SIEM systems with AWS native security tools for continuous monitoring.
" Define and enforce cloud security baselines aligned with CIS, NIST, and ISO controls.
" Lead penetration testing cycles and coordinate mitigation activities.
" Produce security HLD/LLD, risk assessments, and operational security runbooks.
Cloud Experience Needed
" Hands-on experience designing secure AWS multi-account Landing Zones and guardrail policies.
" Strong understanding of EC2 security, IAM, encryption, and identity federation models.
" Integration knowledge for Oracle Exadata on AWS, SQL Server, and middleware security flows.
" Experience with AWS WAF, Shield, GuardDuty, Security Hub, and detective controls.
" Ability to design security for EKS workloads including pod/network policies and image scanning.
" Understanding of security in hybrid cloud migrations and AWS migration tooling. "
"Strong expertise in AWS cloud security architecture including IAM, KMS, GuardDuty, and CloudTrail.
" Deep understanding of AWS Landing Zone, SCPs, governance, and enterprise security guardrails.
" Experience with security for custom applications including vulnerability identification and remediation.
" Proficiency with VAPT tools such as Nessus, Qualys, Burp Suite, Fortify, and Checkmarx.
" Strong understanding of WAF, firewall management, IDS/IPS, and network segmentation.
" Knowledge of OS-level security for Windows Server 2016 2025 and RHEL 7/8/9.
" Familiarity with securing Java, .NET, TIBCO ESB, and integration-heavy workloads.
" Understanding of database security for Oracle 19c, Exadata on AWS, and SQL Server.
" Ability to apply Zero Trust, least privilege, encryption, and secure-by-design principles.
" Strong collaboration skills across infra, app, DB, network, and DevOps teams. "
Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.