Application Cyber Security Engineer

POSTION SUMMARY:

This position will work closely with our Architecture, Application, DevOps, and Site Reliability engineers. The ability to be flexible, yet focused is essential to success in this fast-moving dynamic environment.

ESSENTIAL FUNCTIONS:

• Analyze and deeply understand the distribution of compliance with internal controls across our cloud platform and applications
• Design and create highly automated, self-service products and blueprints to help platform customers meet compliance objectives easily.
• Develop automation to streamline defect resolution and evidence collection
• Maintain security and compliance service catalog for cloud platform.
• Act as internal DevSecOps evangelist; demonstrating the benefits of embedding security and compliance to DevOps.
• Develop procedures to automate security and compliance checks during code builds and deployments.
• Train internal customer in the best practice cloud security and compliance-focused tools.
• Write and maintain relevant documentation

KNOWLEDGE, SKILLS, AND ABILITIES:

EDUCATION: Bachelor's degree or equivalent experience; Master's Degree in Computer Science or equivalent preferred;

EXPERIENCE & SKILLS:

• 3-5 years' experience in DevOps and Application Security engineering
• 2+ years Cloud Security experience (AWS, GCP, and/or Azure)
• Must be proficient in one or more scripting languages: Python, Unix Shell, Perl, PowerShell
• Experience with static, dynamic, and interactive application security testing platforms. (SAST/DAST/IAST)
• Experience with web application security best practices (e.g. OWASP)
• Experience working with WAF and API security tools.
• In-depth knowledge of Windows/Linux/Unix, and related tools.
• Experience with Splunk
• Strong written and verbal communication skills to drive adoption of AWS services and company standards of use.
• Passion for cloud computing and building large scale web-based applications.

PREFERRED EXPERIENCE

• Strong knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development
• Experience securing serverless and containers
• Experience with monitoring and logging at scale
• Embrace a culture of continuous development and service excellence
• AWS, GCP, or Azure Cloud Certifications
• CISSP, CCSP, CSSLP, CCSK, CompTIA Security +, or equivalent security

WORKING RELATIONSHIPS: Interacts with all levels of management and staff

• United States: AZ, FL, NC, IL, KY, MA, MI, NM, TN, TX and VA
• #LI-REMOTE