Web Application Penetration Testing / Security Engineering
Looking for a candidate to perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments. AWS Services automation Lambda JSON DevOps Pipelines GitHub Repos Hashcorp Product line terraform sentinel and hashi coding
- To perform this job successfully, an individual must be able to perform each primary duty satisfactorily.
- Perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments
- Perform independent reviews of security, network, applications, and cloud environments
- Plan/Design/Execute security related activities with automation as the primary driver to align with security strategy and vision
- Produce artifacts for various levels of leadership and staff relating to security related activities
- Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices
- Assist management with the improvement of policy and procedure to support Cloud Security Engineering activities as well as other security duties which may arise
- Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends
- Continue to support, grow, and assist development current processes and tools
- The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions.
- Requires an in-depth knowledge of security controls and standards in relation to Cloud Security, Architecture, and Security Testing.
- Ability to manage and execute on multiple intricate projects with strict deadlines while maintaining best in class work.
- Ability to functionally serve as a primary point of contact across multiple teams within the organization and to lead projects for the entirety of the lifecycle.
- Architectural understanding and expertise of cloud and hybrid cloud infrastructure
- Experience with AWS Services including automation services (Lambda, JSON, etc…)
- Experience with DevOps Pipelines and GitHub Repos
- Experience with HashiCorp Product line to include Terraform, Sentinel and Hashi Coding Language (HCL) for automated deployment of security tools and services
Education and/or Experience:
- Five years’ Experience with Cloud Security Engineering activities and testing
- Three years’ experience with DevOps processes
- Three years’ experience with AWS architecture and services
Certificates or Licenses:
- Certification in at least one or more of the following:
- AWS Certified Solutions Architect
- AWS Certified Security Specialty
- HashiCorp Terraform Associate
- Certification Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- GIAC Cloud Security Essentials (GCLD)
- GIAC Cloud Security Automation (GCSA)
- GIAC Defensible Security Architecture (GDSA)