Overview
Skills
Job Details
Seeking an accomplished and dynamic security engineer with a strong background in programming and process enhancement to enhance our security management and compliance. The candidate will be responsible for analyzing security requirements, enhance security integration in SDLC to ensure secure application development, and develop security software to automating security processes to improve overall security compliance status. This role requires strong knowledge of security best practices to proactively prevent vulnerabilities and threats and extensive experience in secure application development lifecycle, cloud technology, CI/CD pipeline, and security governance and compliance management.Key Responsibilities:Partner with security standard and control owners, analyze standards and controls to identify opportunity for automation. Design and develop solutions. Develop, maintain, and optimize security automation system. Implement and manage security control validations as well as building solutions within CI/CD pipelines to ensure secure software development and deployment. Collaborate with other security teams, technology teams, and business to deliver security best practice solutions. Assess and identify gaps in secure software development and compliance management process, develop and implement mitigation strategies. Bachelor s degree in Stay updated with emerging security technologies, intelligence, and best practices.Help establish strategies and roadmaps to optimize security operation.Qualifications:Computer Science, Cybersecurity, Information Technology, or a related field (Master s preferred). 5 - 8 years of experience in software development with a strong focus on automation and scripting. 5 - 7 years of experience in application security 3 - 5 years of hands-on experience and in-depth knowledge of core services with AWS (e.g., EC2, S3, Lambda, CloudWatch, DynamoDB, monitoring of containers) Proficient in programming language (Python, JavaScript, Java, .Net, etc.) and Bash/Powershell for scripting and automation tasks. Demonstrated ability to code and provide on time delivery of quality components and or applications. Experience with building and interacting with REST API services Experience with CI/CD pipelines (GitHub or Harness), configuration management and security tools. Proven track record of taking proactive ownership and leading initiatives to successful outcomes. Demonstrated ability to identify opportunities and drive efforts to define and implement effective solutions. Strong collaboration skills, with experience working closely with stakeholders and team members to achieve shared goals. Ability to quickly acquire and apply new knowledge to address challenges and deliver results. Excellent problem-solving and critical-thinking skills, with a focus on delivering innovative and practical solutions. Strong communication and interpersonal skills to effectively engage with diverse teams and stakeholders. Familiarity with common security vulnerabilities, for example OWASP Top 10, and their remediation strategies. Experience with popular security and IT tools such as SAST, DAST, etc.
Preferred Qualifications: Experience with penetration testing and ethical hacking. Certifications such as CISSP, CSSLP, CCSP, CEH, OSCP, AWS Security Specialty, or CISM. Cloud certifications such as AWS Cloud Practitioner, AWS Solutions Architect Associate OR AWS Developer Associate. Experience building dashboards and reports for visualizing operation data using reporting tools such as QuickSight. |