Job Summary

The AWS Cloud Analyst/Developer evaluates Amazon Web Services (AWS) to define, document, develop/code, and implement security controls. This role bridges the gap between architectural analysis and technical enforcement by developing Policy as Code (PaC) to ensure services meet enterprise standards. The analyst/developer manages the full service-enablement lifecycle, collaborating with threat modelers and governance boards to facilitate secure cloud adoption.

Primary Responsibilities

• Service Analysis: Evaluate AWS services to identify security requirements and document them in standard service enablement workbooks.
• Governance Reviews: Present service enablement workbooks to the Cloud Standards Board (CSB) for review. Address expert panel inquiries to secure service approval, information requests, or risk escalations.
• Threat Modeling: Collaborate with threat modelers to identify risks for specific AWS services. Present findings to the Threat Model Review (TMR) board and integrate identified mitigations into the final service control set.
• Technical Development: Write/develop code for automated controls to secure AWS services. Code control, response and remediation scripts using Python and Terraform. Build Infrastructure as Code (IaC) modules to deploy approved controls across AWS commercial and government landing zones, some of which are connected to the enterprise network (internal), and some of which are isolated from the enterprise network (external).
• Version Control: Manage all control logic, configuration files, and documentation within Git repositories, following standard branching and pull request workflows.
• Cross-Team Collaboration: Coordinate with the CSB core team and the PaC team to align automated enforcement with organizational policy and validation standards.

Other Responsibilities

• Serve as a Subject Matter Expert (SME) for internal teams regarding AWS architecture and service capabilities.
• Perform ad hoc technical research to resolve complex queries about emerging cloud features.

Key Performance Indicators (KPIs)

• Throughput of AWS services moved from initial analysis to production enablement.
• First-pass approval rate of workbooks and threat models by respective review boards.
• Code coverage for automated control enforcement using Python and Terraform.
• Remediation for risks identified during the TMR process.

Deliverables

• Completed Service Analysis workbooks and security control documentation.
• Threat model diagrams and risk mitigation reports.
• Validated Terraform modules and Python-based functions for control implementation.
• Technical presentations for review boards.

Required Qualifications

• Expertise in Python, JSON, and Terraform for cloud security control automation.
• Knowledge of various automated control types: Preventative, Proactive, Detective, Reactive, etc., and AWS Service Control Policies.
• Experience with Git repository management and CI/CD (Continuous Integration/Continuous Deployment) concepts.
• Strong understanding of AWS Cloud Architecture and core service security (e.g., IAM, VPC, KMS).
• Experience presenting technical analysis to expert panels or formal committees.
• Must be a US Citizen

Preferred Experience

• AWS certifications (e.g., Solutions Architect Professional or Security Specialty).

• Experience developing custom AWS security controls.

• Experience in Governance, Risk, and Compliance (GRC) or PaC frameworks.
• Background in formal threat modeling methodologies (e.g., STRIDE).

Only shortlisted candidates are going to be contacted

Benefits:

Paid sick leave, Medical/Dental (optional), 401 (k) Retirement Plan (optional), Employer Paid Life Insurance, Employer Paid Short Term Disability, Optional Life Insurance.


ELYON International, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Service Analysis: Evaluate AWS services to identify security requirements and document them in standard service enablement workbooks. Governance Reviews: Present service enablement workbooks to the Cloud Standards Board (CSB) for review. Address expert panel inquiries to secure service approval, information requests, or risk escalations. Threat Modeling: Collaborate with threat modelers to identify risks for specific AWS services. Present findings to the Threat Model Review (TMR) board and integrate identified mitigations into the final service control set. Technical Development: Write/develop code for automated controls to secure AWS services. Code control, response and remediation scripts using Python and Terraform. Build Infrastructure as Code (Ia. C) modules to deploy approved controls across AWS commercial and government landing zones, some of which are connected to the enterprise network (internal), and some of which are isolated from the enterprise network (external). Version Control: Manage all control logic, configuration files, and documentation within Git repositories, following standard branching and pull request workflows. Cross-Team Collaboration: Coordinate with the CSB core team and the Pa. C team to align automated enforcement with organizational policy and validation standards. Other Responsibilities Serve as a Subject Matter Expert (SME) for internal teams regarding AWS architecture and service capabilities. Perform ad hoc technical research to resolve complex queries about emerging cloud features. Key Performance Indicators (KPIs) Throughput of AWS services moved from initial analysis to production enablement. First-pass approval rate of workbooks and threat models by respective review boards. Code coverage for automated control enforcement using Python and Terraform. Remediation for risks identified during the TMR process. Deliverables Completed Service Analysis workbooks and security control documentation. Threat model diagrams and risk mitigation reports. Validated Terraform modules and Python-based functions for control implementation. Technical presentations for review boards. Required Qualifications Expertise in Python, JSON, and Terraform for cloud security control automation. Knowledge of various automated control types: Preventative, Proactive, Detective, Reactive, etc., and AWS Service Control Policies. Experience with Git repository management and CI/ CD (Continuous Integration/ Continuous Deployment) concepts. Strong understanding of AWS Cloud Architecture and core service security (e.g., IAM, VPC, KMS). Experience presenting technical analysis to expert panels or formal committees. Must be a US Citizen Preferred Experience AWS certifications (e.g., Solutions Architect Professional or Security Specialty). Experience developing custom AWS security controls. Experience in Governance, Risk, and Compliance (GRC) or Pa. C frameworks. Background in formal threat modeling methodologies (e.g., STRIDE). Only shortlisted candidates are going to be contacted

search terms: AWS+Analyst