Search by job, company or skills
Job Description:
1. 5+ years in Development ( not just testing) field and has chosen the path of security to build the career
2. Knowledge on APIs and Micro segmentation cohesion and knowledge on isolated workload deployments
3. Strong Understanding of security concepts , including threat modelling, risk assessment and Vulnerability management including shift left methodology towards SSDLC
4. Knowledge of the SLDC and experience integrating security best practices at every process stage.
5. Familiarity with automation tools and scripting languages like python and PowerShell.
6. Understanding cloud security principles including secure architecture design and configuration management.
7. Knowledge on Jenkins, Gitlab, Docker, Kubemetes , Ansible Terraform etc.
8. Core Authentication and authorization principles that include Auth0, JWT etc.
9. Knowledge on container security principles , such as Docker and Kubernotes.
10. Experience in devOps practices such as continuous integration and delivery (CI/ CD) and infrastructure as code (lAC)
11. Experience in various compliance frameworks and regulations : PCI-DSS , HIPAA and GDPR.
12. Good Analytical problem solving skills to scrutinize and solve very intricate security problems with effective solutions.
13. Ability to work cohesively with cross functional teams and possess good communication skills.
14. Passionate about continued learning and being aware of current security trends and technologies.
15. Must have certified Dev Sec Ops Professional ( CDP)/ (CDE ) Certified Dev Sec Ops Expert.
Roles and Responsibilities
1. Integrating security features I the software development life cycle and identification and probable security risk, with their mitigating strategies for the entire SSDLC
2. Implementation of security controls and monitoring of the threats to security related to SSDLC.
3. Ensuring regulatory compliance for standards of security.
4. Proficient in uniting cross functional teams and communicating clearly while frequently pursuing knowledge of the latest trends and technologies in security.
5. Build in security early and often within the SDLC , so each of the phases identifies and mitigate the risk in the process.
6. Cultivate a security culture within the organization ;every stakeholder should know their responsibilities with the SSDLC.
7. Automate everything in the security testing and deployment process that you can possibly automate as more likely to be driven by human error.
8. Take a security risk based approach, focusing on all important but most critical assets and vulnerabilities.
9. To leverage laC ( infrastructure as a code) in a more consistence and efficient way to put up secure environments.
10. Regular assessments and penetration testing should help in identifying any exposure for the improvement of security posture.
11. Help in sharing knowledge and best practices between security, development, and operation teams to achieve true collaborations. Monitor the environment from any security threat and respond promptly to incidents or breaches.
12. Utilizing a security centric devops toolchain to intergrate security testing , deployment and process smoothly.
13. Integration of security into SDLC will ensure developed software complies with some security standards and regulations for example PCI-DSS , HIPAA, GDPR Etc.
Industry:Other
Job Type:Permanent Job
Date Posted: 07/10/2024
Job ID: 95294217