Cloud Security Engineer
abnmi
Member Posts: 66 ■■■□□□□□□□
What courses/certs do you think would help in becoming a Cloud Security Engineer.
Comments
-
TheFORCE Member Posts: 2,297 ■■■■■■■■□□Cissp, aws, azure, networking knowledge and domain knowledge from 10 different other areas.
-
powerfool Member Posts: 1,666 ■■■■■■■■□□Understand the technologies that you're looking to secure.2024 Renew: [ ] AZ-204 [ ] AZ-305 [ ] AZ-400 [ ] AZ-500 [ ] Vault Assoc.
2024 New: [X] AWS SAP [ ] CKA [ ] Terraform Auth/Ops Pro -
jayc71 Member Posts: 112 ■■■■□□□□□□I work as a Cloud Security Architect, I currently just maintain several AWS certs and a CISSP. Will get around to taking the CCSP eventually. A lot of the job is based on past experience as an engineer, knowing networking, storage, OS's and security tools, plus how to build things in the cloud (granted I focus on AWS, but the high-level concepts are similar with Azure, GCP, etc). Having a background of working in highly secure environments helps, it makes security issues in less secure (ie private sector) environments really jump out at you. Understanding the policy side is key as well, it teaches you how to play the game with the security people you run into who do not have a technical background.CISSP, CCSP, CCSK, Sec+, AWS CSA/Developer/Sysops Admin Associate, AWS CSA Pro, AWS Security - Specialty, ITILv3, Scrummaster, MS, BS, AS, my head hurts.
-
chrisone Member Posts: 2,278 ■■■■■■■■■□Question, from what you have described it seems most of your infrastructure is in AWS? Is your domain infrastructure (DCs, AD, etc) still on-prem or Azure or AWS? If your domain infrastructure is AWS why not Azure? Sorry for all the questions, but I really wanted to pick a cloud security architects brain.
ThanksCerts: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
jayc71 Member Posts: 112 ■■■■□□□□□□chrisone said:Question, from what you have described it seems most of your infrastructure is in AWS? Is your domain infrastructure (DCs, AD, etc) still on-prem or Azure or AWS? If your domain infrastructure is AWS why not Azure? Sorry for all the questions, but I really wanted to pick a cloud security architects brain.
Thanks
For my own consulting company, we run everything out of Office365 with no real infrastructure (granted we are small), and we federate AWS access via Jumpcloud for our internal AWS labs and systems.CISSP, CCSP, CCSK, Sec+, AWS CSA/Developer/Sysops Admin Associate, AWS CSA Pro, AWS Security - Specialty, ITILv3, Scrummaster, MS, BS, AS, my head hurts. -
chrisone Member Posts: 2,278 ■■■■■■■■■□Very cool! Thanks for the reply.
I guess I am still trying to wrap my mind around building Microsoft infrastructure in AWS over Azure. There is just more integration a company can take advantage of with their Microsoft domain and all the Azure and O365 features.
I get it that AWS is great at many things, and I write this prematurely and with little aws experience, but it seems they are great at storage, web, IaaS, PaaS, but do they compete with Microsoft O365 in SaaS?
just wondering what your thoughts are.
thanks!Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
scasc Member Posts: 465 ■■■■■■■□□□Pretty much the best way to authenticate via federated access over SAML. I’ve been working in both environments and they both are pretty good with a rich range of options to use to protect each layer of the stack. Traditionally AWS was built to shift your workloads as an IaaS and now they like MS are also pushing out server less automation via PaaS - rapid development and action based on rule sets.
AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia... -
jayc71 Member Posts: 112 ■■■■□□□□□□chrisone said:Very cool! Thanks for the reply.
I guess I am still trying to wrap my mind around building Microsoft infrastructure in AWS over Azure. There is just more integration a company can take advantage of with their Microsoft domain and all the Azure and O365 features.
I get it that AWS is great at many things, and I write this prematurely and with little aws experience, but it seems they are great at storage, web, IaaS, PaaS, but do they compete with Microsoft O365 in SaaS?
just wondering what your thoughts are.
thanks!CISSP, CCSP, CCSK, Sec+, AWS CSA/Developer/Sysops Admin Associate, AWS CSA Pro, AWS Security - Specialty, ITILv3, Scrummaster, MS, BS, AS, my head hurts. -
chrisone Member Posts: 2,278 ■■■■■■■■■□Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
scasc Member Posts: 465 ■■■■■■■□□□No problem at all. You can leverage either cloud model in both - and depending on the shared responsibility of cloud you would want to deploy appropriate controls, I.e. SaaS is higher up the stack so you have less security responsibility than the others.In respect to O365 - as mentioned above it’s different to AWS though more in line with something like sales force or archer (SaaS based where you can choose how to access/enforce permissions based on roles etc).
With MS. If you have an O365 license you get an azure offering included. Clever way to boost the appeal, just like IE with Windows.AWS, Azure, GCP, ISC2, GIAC, ISACA, TOGAF, SABSA, EC-Council, Comptia...