Role: Lead Software Engineer Type: Permanent Location: Gloucester, UK Clearance: Must hold enhanced DV Security Clearance Overview: Searchability NS&D is recruiting a Lead Software Engineer with enhanced DV Security Clearance to join a data driven SME that designs, builds and operates advanced, ultra-secure data infrastructure, delivering data modernisation at enterprise scale, to enable AI-driven transformation and seamless sharing of trusted data at scale for secure UK Government clients. You will be working with National Security and Defence clients, across both short and long-term programmes of work, as part of an Agile team of like-minded individuals who thrive on solving real-world problems, keeping the UK safe. As a Lead Software Engineer, you will help lead the development of Back End platforms and services for National Security and Defence clients leveraging the latest commercial and open-source technologies in private and public cloud environments. *Please note - you must already hold enhanced DV Security Clearance to apply* Key Responsibilities: Design, develop, document, deploy and enhance features to a range of platforms and services that meet functional and non-functional business requirements Build frequent, small releases to maintain the team's momentum Build, optimise and operate Continuous Deployment pipelines Actively participate in the team's elaboration and estimation of user stories Collaborate closely with other engineers in cross-functional teams Key Requirements: Fluent in writing Java coding and experience with JVM compatible languages (Kotlin, Scala) Experience with Kafka or a similar platform Experience working in Agile DevSecOps environments and Zero Trust Architecture Integrating with backing services, such as PostgreSQL, Redis or S3 Strong engineering practices including continuous delivery, clean code, documentation, defensive programming, automated testing and code reviews Using GitHub/GitLab/Atlassian Suite for source control Test Driven Development with appropriate tools and frameworks Experience with micro-service design patterns Experience in Big Data technologies To be considered please apply directly with an up to date copy of your CV.
18/09/2024
Full time
Role: Lead Software Engineer Type: Permanent Location: Gloucester, UK Clearance: Must hold enhanced DV Security Clearance Overview: Searchability NS&D is recruiting a Lead Software Engineer with enhanced DV Security Clearance to join a data driven SME that designs, builds and operates advanced, ultra-secure data infrastructure, delivering data modernisation at enterprise scale, to enable AI-driven transformation and seamless sharing of trusted data at scale for secure UK Government clients. You will be working with National Security and Defence clients, across both short and long-term programmes of work, as part of an Agile team of like-minded individuals who thrive on solving real-world problems, keeping the UK safe. As a Lead Software Engineer, you will help lead the development of Back End platforms and services for National Security and Defence clients leveraging the latest commercial and open-source technologies in private and public cloud environments. *Please note - you must already hold enhanced DV Security Clearance to apply* Key Responsibilities: Design, develop, document, deploy and enhance features to a range of platforms and services that meet functional and non-functional business requirements Build frequent, small releases to maintain the team's momentum Build, optimise and operate Continuous Deployment pipelines Actively participate in the team's elaboration and estimation of user stories Collaborate closely with other engineers in cross-functional teams Key Requirements: Fluent in writing Java coding and experience with JVM compatible languages (Kotlin, Scala) Experience with Kafka or a similar platform Experience working in Agile DevSecOps environments and Zero Trust Architecture Integrating with backing services, such as PostgreSQL, Redis or S3 Strong engineering practices including continuous delivery, clean code, documentation, defensive programming, automated testing and code reviews Using GitHub/GitLab/Atlassian Suite for source control Test Driven Development with appropriate tools and frameworks Experience with micro-service design patterns Experience in Big Data technologies To be considered please apply directly with an up to date copy of your CV.
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
17/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
17/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Senior Engineer - Application Security Start Date: ASAP Contract Length: 12 Month Contract Location/Remote Working: Galway - Hybrid - 1 week Onsite, 3 weeks Remote Pay Rate: 300- 360 Euros Per Day Summary Trust in SODA is collaborating with a leading finance company who are seeking an accomplished Senior Engineer to focus on their application security. As a team member, you will play a pivotal role in steering decisions, leading deployments, and crafting integrations with their current systems. They are ideally looking for someone who would have experience in 2 or more of the following areas: DevOps, Security (ideally App Sec) and Software Development. Essentials AWS certification (advantageous) and has working experience with cloud environments. Hands on experience with automation & pipeline implementation (Testing, Continuous Integration/Continuous Delivery pipeline). Any application security experience, including Pen Testing, Static Composition Analysis (SCA), SAST, DAST, and Web Application Firewalls (WAF) would be considered a plus. Experience with data processes, including but not limited to ETL, ELT, Data Modeling, and proficiency with BI tools like PowerBI, Tableau, or similar, as well as Oracle or equivalent RDBMS, is also advantageous. Skills You possess strong engineering skills and have experience deploying maintainable, scalable multi-tiered applications. You are capable of designing and developing tools/applications. You have experience with test automation, including solid understanding of test tools. You have a security architecture mentality. Key Responsibilities Design, develop, test, deploy and maintain SAST, SCA and secret scanning tools into the CI/CD pipeline and developer workflow tools. Evaluate and leverage opensource or vendor technologies, to support the development community in eliminating application security vulnerabilities from their applications. You are a collaborative team-player in an autonomous team, owning all aspects of delivery (coding, quality, DevSecOps).
16/09/2024
Contractor
Senior Engineer - Application Security Start Date: ASAP Contract Length: 12 Month Contract Location/Remote Working: Galway - Hybrid - 1 week Onsite, 3 weeks Remote Pay Rate: 300- 360 Euros Per Day Summary Trust in SODA is collaborating with a leading finance company who are seeking an accomplished Senior Engineer to focus on their application security. As a team member, you will play a pivotal role in steering decisions, leading deployments, and crafting integrations with their current systems. They are ideally looking for someone who would have experience in 2 or more of the following areas: DevOps, Security (ideally App Sec) and Software Development. Essentials AWS certification (advantageous) and has working experience with cloud environments. Hands on experience with automation & pipeline implementation (Testing, Continuous Integration/Continuous Delivery pipeline). Any application security experience, including Pen Testing, Static Composition Analysis (SCA), SAST, DAST, and Web Application Firewalls (WAF) would be considered a plus. Experience with data processes, including but not limited to ETL, ELT, Data Modeling, and proficiency with BI tools like PowerBI, Tableau, or similar, as well as Oracle or equivalent RDBMS, is also advantageous. Skills You possess strong engineering skills and have experience deploying maintainable, scalable multi-tiered applications. You are capable of designing and developing tools/applications. You have experience with test automation, including solid understanding of test tools. You have a security architecture mentality. Key Responsibilities Design, develop, test, deploy and maintain SAST, SCA and secret scanning tools into the CI/CD pipeline and developer workflow tools. Evaluate and leverage opensource or vendor technologies, to support the development community in eliminating application security vulnerabilities from their applications. You are a collaborative team-player in an autonomous team, owning all aspects of delivery (coding, quality, DevSecOps).