Must Have Technical/Functional Skills
IT experience minimum of 6 years with minimum of 4 years Cyber-Security/Information Security must
Threat Modeling (STRIDE, PASTA, Attack trees, tooling, Att&ck) must.
Identifying vulnerabilities using CWE or OWASP.
Experience working in a cyber-security role - must.
Security practices pertaining to authentication, authorization, logging/monitoring, encryption, infrastructure security,
network/segmentation must.
Operating systems and their hardening.
Development concepts (such as: CICD, Pipelines, SDLC).
Scripting languages, Infrastructure as Code (Terraform, CloudFormation) must.
Cloud Development Kit (CDK), GitOps.
Operating in a DevOps / agile team structure.
Jira or other ticketing systems must.
Understanding of docker/K8S/serverless/helm.
Support or perform pen testing.
Snowflake/MongoDB/Terraform Cloud/GitHub/Databricks.
Design and review technical architectures must.
Roles & Responsibilities:
Threat Modeling using a documented process.
Development of automation tools as required.
Maintain a high standard of work in identifying threats and specifying mitigating controls.
Attending to the lifecycle of identified threats and controls.
Delivery of threat models and supporting tasks within existing timeframes.
Provide feedback, support, and improvements to the existing threat modeling process.
Present work to seniors, the team, and other technical teams.
Work with little supervision to complete work
Bachelor's degree in computer related field or equivalent work experience.
Associate level cloud certification:
AWS Certified Developer, AWS Certified Solutions Architect, AWS Certified SysOps Administrator
CompTIA Cloud+
Google Associate Cloud Engineer or other professional Google Cloud Platform certification
Oracle Cloud Infrastructure Certified Architect Associate, Oracle Cloud Infrastructure Certified Cloud Operations Associate
Microsoft Certified: Azure Developer Associate
Associate or professional cyber-security
ISACA Certified Information Systems Auditor (CISA)
GIAC Security Essentials (GSEC)
ISC2 Systems Security Certified Practitioner (SSCP)
CompTIA CySA+
Microsoft Certified: Security Operations Analyst Associate; Information Protection Administrator A ssociate.
Never miss an opportunity! Create an alert based on the job you applied for.
