- Ensure a robust security posture for the product across its various components (LocalStack emulators, LocalStack Cloud platform, data warehouse).
- Lead initiatives for incident monitoring, intrusion detection, and vulnerability management.
- Define and implement regular security auditing procedures across systems and access controls.
- Deliver a sustainable, scalable process for vendor risk assessments and other security-related initiatives.
- Ensure secure configurations and permission models, while collaborating with the engineering teams.
- Identify gaps between claimed and actual compliance and propose/lead corrective actions.
- Own documentation of security controls, configurations, and policies.
- Engage with internal stakeholders to evaluate different security threats and attack vectors.
- Generate and distribute internal audit and compliance reports at regular intervals.
AWS