Job Title: Security Controls Engineer
Location: Irving, TX/Jersey City, NJ/Tampa, FL
Type: Fulltime
(OPT, , USC)
Job Description
Key Responsibilities
Design and develop custom security controls based on threat modelling outputs
Build:
o Detective controls using Python-based frameworks
o Preventative controls using OPA/Rego policies
Extend and enhance existing security control frameworks
Develop and maintain:
o Automated unit tests
o Behavioral (BDD) test cases
Integrate controls into CI/CD pipelines for continuous validation
Collaborate with:
o Threat modeling teams
o Cloud architects
o Security SMEs
Required Qualifications
This is a development-heavy role. Candidates must demonstrate strong coding capability.
Security experience is required, but coding proficiency is mandatory.
Minimum of 3-5 years of experience in DevSecOps engineering with a focus on cloud environments (AWS, Google Cloud Platform, Azure), ideally working within a security program.
Strong software engineering background - proficiency in software testing methodologies and tools.
Advanced proficiency in Python - proficiency with Python and Terraform for testing, automation and custom tool development.
Proficiency with:
o API integrations and backend development
o Writing scalable, maintainable code
Hands-on experience with:
o Automated testing frameworks (Python)
o CI/CD pipelines
Experience with cloud-native development and architecture, leveraging services and tools specific to AWS, Google Cloud Platform, and Azure.
Experience with detection engineering: detection-as-code practices, developing and maintaining detection rules
Hands-on experience with Open Policy Agency (OPA) for policy enforcement
Proficiency in DevOps tools and practices
Experience with SIEM query languages such as Splunk SPL, YARA rules, etc.
MUST pass Karat Assessment (Python focused).