NO SPONSORSHIP Senior Technical Lead Toolchain - Atlassian/Jira SALARY: $160K - $240K PLUS $30K - $40K - $50K BONUS LOCATION: MCLEAN, VIRGINIA ONSITE, 3 DAYS TUESDAY/WEDNESDAY/THURSDAY REMOTE FRIDAY/MONDAY Looking for a heavy hitter. MUST have heavy Atlassian, Jira, Bitbucket, Confluence. Must have heavy cloud AWS, GCP. Must be able to do customize security - Fortify, Blackduck etc. You will be integrating into the CI/CD pipelines. How to modify, bring it to the cloud. 10 years experience That includes, but not limited to overall vision, design, prioritization, stakeholder & risk management, roadmap execution & operations of the toolchain. Provide best in class support for 5000+ users & multiple mission critical products across the Enterprise. Partner with Business Technology & IT Technology, Risk, Security divisions to ensure alignment of solution design with information security standards, architecture standards, governance, and compliance requirements. Manage toolchain operations such as resiliency, capacity, uptime in a highly effective manner Collaborate with stakeholders from disparate lines of business to prioritize capabilities and a customer value centric strategic roadmap Partner with Governance groups on principles, and guidelines that enable engineering teams to deliver low risk, high impact solutions Build & communicate on new capabilities, action plans to close gaps and meet roadmap commitments Your Impact: Develop solution design & roadmap for CICD automation with Embedded controls for complex scenarios such as governance, experimentation using modular patterns to expand automation of emerging & established cloud native stack across industry standard cloud providers Strategy to deliver business priorities such as confi gure and integrate automation of testing, security & risk management policy enforcement and of release management functions such as change record, asset records, change traceability Drive operational excellence capabilities such as Single Sign-On, Monitoring Dashboards, Audit compliance reports, password & vulnerability management Develop open lines of communication with senior leaders, within and across divisions Coach teams to collaborate effectively focused on customer centric outcomes Accountable to self-identify emerging technology risk as well as action plans and execution of open risks Be a trusted partner for technical consultation executives and senior leadership across business, platform, risk, and other partners to align roadmap with Business & IT's strategic vision Qualifications: College Degree or equivalent experience; 10+ years technology experience and 4+ years management experience Experience across design, oversight of build & operating solutions with strong organization and time management skills Operate independently with minimal guidance with demonstrated experience of delivery Use of multiple automation tools & plugins via API, Embedded scripts, Configuration for COTS tools for both pre & post actions for controls across tools for control activities such as merge checks, task/story approvals Create a modular library for Jenkins DSL using Groovy; with strategy on when to determine refactor need & devise a staggered plan to meet enterprise automation use cases Create, organize & manage a central set of templates across technology microservices (Java, JS, python), automations (script runner, help deployment patterns for cloud components such as storage, DB, gateway, vault across runtimes such as EKS, OCP using tools/products such as Rafay, Ansible, CFT, Terraform); with extensible framework as a design principle Experience in integrating Jenkins for data product deployments like Attunity, Talend, Snowflake Experience in designing and integrating with SAS products like salesforce, Automation anywhere (RPA), Appian, MicroStrategy etc for automating the build, deploy and release process Design KPI indicators (including load & scalability) and monitor operation/runtime across tools (such as Atlassian- Jira, Bitbucket, Confluence; Jenkins, Rafay), Integrations such as security (Fortify, Blackduck, Checkmarx, Twistlock, ELK), with strategy to manage continuous availability & code-based configuration to swap tools as needed Design engineering productivity metrics, such as merge size/time/frequency/releases to provide actionable insight for customers to evolve their software dev & delivery practices Experience to review cloud cost using tools such as Apptio to identify opportunities and devise action plan to reduce cost by right-sizing compute, storage, API calls across cloud native services used by customer & toolchain environments Build strategy to accelerate capability build with federated-contributor mode - with guardrails for enterprise controls, scale & maintainability Experience with AWS native services for releases, upgrades, vulnerability remediation for COTS products on managed infrastructure
17/10/2024
Full time
NO SPONSORSHIP Senior Technical Lead Toolchain - Atlassian/Jira SALARY: $160K - $240K PLUS $30K - $40K - $50K BONUS LOCATION: MCLEAN, VIRGINIA ONSITE, 3 DAYS TUESDAY/WEDNESDAY/THURSDAY REMOTE FRIDAY/MONDAY Looking for a heavy hitter. MUST have heavy Atlassian, Jira, Bitbucket, Confluence. Must have heavy cloud AWS, GCP. Must be able to do customize security - Fortify, Blackduck etc. You will be integrating into the CI/CD pipelines. How to modify, bring it to the cloud. 10 years experience That includes, but not limited to overall vision, design, prioritization, stakeholder & risk management, roadmap execution & operations of the toolchain. Provide best in class support for 5000+ users & multiple mission critical products across the Enterprise. Partner with Business Technology & IT Technology, Risk, Security divisions to ensure alignment of solution design with information security standards, architecture standards, governance, and compliance requirements. Manage toolchain operations such as resiliency, capacity, uptime in a highly effective manner Collaborate with stakeholders from disparate lines of business to prioritize capabilities and a customer value centric strategic roadmap Partner with Governance groups on principles, and guidelines that enable engineering teams to deliver low risk, high impact solutions Build & communicate on new capabilities, action plans to close gaps and meet roadmap commitments Your Impact: Develop solution design & roadmap for CICD automation with Embedded controls for complex scenarios such as governance, experimentation using modular patterns to expand automation of emerging & established cloud native stack across industry standard cloud providers Strategy to deliver business priorities such as confi gure and integrate automation of testing, security & risk management policy enforcement and of release management functions such as change record, asset records, change traceability Drive operational excellence capabilities such as Single Sign-On, Monitoring Dashboards, Audit compliance reports, password & vulnerability management Develop open lines of communication with senior leaders, within and across divisions Coach teams to collaborate effectively focused on customer centric outcomes Accountable to self-identify emerging technology risk as well as action plans and execution of open risks Be a trusted partner for technical consultation executives and senior leadership across business, platform, risk, and other partners to align roadmap with Business & IT's strategic vision Qualifications: College Degree or equivalent experience; 10+ years technology experience and 4+ years management experience Experience across design, oversight of build & operating solutions with strong organization and time management skills Operate independently with minimal guidance with demonstrated experience of delivery Use of multiple automation tools & plugins via API, Embedded scripts, Configuration for COTS tools for both pre & post actions for controls across tools for control activities such as merge checks, task/story approvals Create a modular library for Jenkins DSL using Groovy; with strategy on when to determine refactor need & devise a staggered plan to meet enterprise automation use cases Create, organize & manage a central set of templates across technology microservices (Java, JS, python), automations (script runner, help deployment patterns for cloud components such as storage, DB, gateway, vault across runtimes such as EKS, OCP using tools/products such as Rafay, Ansible, CFT, Terraform); with extensible framework as a design principle Experience in integrating Jenkins for data product deployments like Attunity, Talend, Snowflake Experience in designing and integrating with SAS products like salesforce, Automation anywhere (RPA), Appian, MicroStrategy etc for automating the build, deploy and release process Design KPI indicators (including load & scalability) and monitor operation/runtime across tools (such as Atlassian- Jira, Bitbucket, Confluence; Jenkins, Rafay), Integrations such as security (Fortify, Blackduck, Checkmarx, Twistlock, ELK), with strategy to manage continuous availability & code-based configuration to swap tools as needed Design engineering productivity metrics, such as merge size/time/frequency/releases to provide actionable insight for customers to evolve their software dev & delivery practices Experience to review cloud cost using tools such as Apptio to identify opportunities and devise action plan to reduce cost by right-sizing compute, storage, API calls across cloud native services used by customer & toolchain environments Build strategy to accelerate capability build with federated-contributor mode - with guardrails for enterprise controls, scale & maintainability Experience with AWS native services for releases, upgrades, vulnerability remediation for COTS products on managed infrastructure
Senior Azure DevOps Engineer - Surrey or Hampshire/Hybrid/WFH £70,000 to £80,000 plus bonus excellent benefits and growth potential (fantastic employer)/based in Surrey or Hampshire albeit 1, possibly 2 days per week in the office The role: An amazing financial services company are recruiting for a Senior Azure DevOps Engineer, who is ready to become a key member of the DevOps and Engineering team, providing expertise to the wider IT department. You will play a crucial role in the conceptualisation, design, and delivery of solutions in collaboration with the architecture team. Coaching and mentoring, especially around Engineering Practices and Code Quality (80% bug free). You will drive alignment with IT industry standards and engage in research and development. Your expertise will guide the seamless transition from development to production, ensuring optimal performance and reliability. Principal Duties and Responsibilities for the Senior Azure DevOps Engineer: Consulting, advising, supporting, and assisting delivery teams within the delivery pipeline as well as our suite of SDLC tools. Influential member of team, involved with setting direction and delivering. Lead in design, development and delivery of enterprise scale DevOps practices and solutions. Coaching, demonstrating, and teaching DevOps practices. Mentor to other DevOps Engineers. Escalation point with tool upgrades, configurations, installations, and integrations, as well as troubleshooting and user support. Ensures that solutions delivered are secure and scalable and comply with defined standards and best practices. Participates actively in an Agile team with Agile ceremonies and a Lean Agile mindset. Thinks with the mind of the end customer at all times, ensuring solutions seek to improve and delight the customer experience. Ensure the continued protection of the company's information, by following all applicable Information Security policies and procedures and by reporting suspected weaknesses in information security controls to the Information Security Officer. Embed and contribute to the requirements of Conduct Risk, Solvency II systems of governance, Treating Customers Fairly, Consumer Duty and the Risk Management Framework as it applies to the role and divisional activities and drive improvements as required. Job Specifications In depth knowledge of DevOps concepts, security, and practices. Experience with tools and Scripting languages, such as Azure DevOps Services, Git, SonarQube, Veracode, Terraform, Selenium, Artifactory, PowerShell, Bash, and Python. Experience with modern technologies such as virtualization, containerization, and cloud, preferably Azure. Confident in consulting with delivery teams to adopt DevOps practices and tools to bring measured improvement in engineering. Skilled in Agile development/methodologies. Analytically minded, critical thinker, positive and motivated with a willingness to drive technical and process discussions. Passionate about delivering solutions that excite our customers; holds self to high standards of delivery. Focused on continuous improvement: training and certification. Demonstrates a driven attitude, working hard to successfully deliver projects on time and budget. Demonstrates being proactive and adjusts to changing pressures and demands to help the team where it's needed most. Demonstrates excellent oral and written communication skills, experience leading groups of people through discussions, technical or otherwise. Senior Azure DevOps Engineer - Surrey or Hampshire/Hybrid/WFH £70,000 to £80,000 plus bonus excellent benefits and growth potential (fantastic employer)/based in Surrey or Hampshire albeit 1, possibly 2 days per week in the office
17/10/2024
Full time
Senior Azure DevOps Engineer - Surrey or Hampshire/Hybrid/WFH £70,000 to £80,000 plus bonus excellent benefits and growth potential (fantastic employer)/based in Surrey or Hampshire albeit 1, possibly 2 days per week in the office The role: An amazing financial services company are recruiting for a Senior Azure DevOps Engineer, who is ready to become a key member of the DevOps and Engineering team, providing expertise to the wider IT department. You will play a crucial role in the conceptualisation, design, and delivery of solutions in collaboration with the architecture team. Coaching and mentoring, especially around Engineering Practices and Code Quality (80% bug free). You will drive alignment with IT industry standards and engage in research and development. Your expertise will guide the seamless transition from development to production, ensuring optimal performance and reliability. Principal Duties and Responsibilities for the Senior Azure DevOps Engineer: Consulting, advising, supporting, and assisting delivery teams within the delivery pipeline as well as our suite of SDLC tools. Influential member of team, involved with setting direction and delivering. Lead in design, development and delivery of enterprise scale DevOps practices and solutions. Coaching, demonstrating, and teaching DevOps practices. Mentor to other DevOps Engineers. Escalation point with tool upgrades, configurations, installations, and integrations, as well as troubleshooting and user support. Ensures that solutions delivered are secure and scalable and comply with defined standards and best practices. Participates actively in an Agile team with Agile ceremonies and a Lean Agile mindset. Thinks with the mind of the end customer at all times, ensuring solutions seek to improve and delight the customer experience. Ensure the continued protection of the company's information, by following all applicable Information Security policies and procedures and by reporting suspected weaknesses in information security controls to the Information Security Officer. Embed and contribute to the requirements of Conduct Risk, Solvency II systems of governance, Treating Customers Fairly, Consumer Duty and the Risk Management Framework as it applies to the role and divisional activities and drive improvements as required. Job Specifications In depth knowledge of DevOps concepts, security, and practices. Experience with tools and Scripting languages, such as Azure DevOps Services, Git, SonarQube, Veracode, Terraform, Selenium, Artifactory, PowerShell, Bash, and Python. Experience with modern technologies such as virtualization, containerization, and cloud, preferably Azure. Confident in consulting with delivery teams to adopt DevOps practices and tools to bring measured improvement in engineering. Skilled in Agile development/methodologies. Analytically minded, critical thinker, positive and motivated with a willingness to drive technical and process discussions. Passionate about delivering solutions that excite our customers; holds self to high standards of delivery. Focused on continuous improvement: training and certification. Demonstrates a driven attitude, working hard to successfully deliver projects on time and budget. Demonstrates being proactive and adjusts to changing pressures and demands to help the team where it's needed most. Demonstrates excellent oral and written communication skills, experience leading groups of people through discussions, technical or otherwise. Senior Azure DevOps Engineer - Surrey or Hampshire/Hybrid/WFH £70,000 to £80,000 plus bonus excellent benefits and growth potential (fantastic employer)/based in Surrey or Hampshire albeit 1, possibly 2 days per week in the office
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Security Assurance Testing Engineer. for Blue Team activities. Candidate will be responsible for security testing and helping to manage the configuration baseline process. This position is a junior to midrange engineering position that requires the ability to complete technical testing and provide informational updates to leadership and executive staff. Responsibilities: . Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: . Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certifications preferred: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
16/10/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Security Assurance Testing Engineer. for Blue Team activities. Candidate will be responsible for security testing and helping to manage the configuration baseline process. This position is a junior to midrange engineering position that requires the ability to complete technical testing and provide informational updates to leadership and executive staff. Responsibilities: . Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: . Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certifications preferred: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Security Assurance Testing Engineer. for Blue Team activities. Candidate will be responsible for security testing and helping to manage the configuration baseline process. This position is a junior to midrange engineering position that requires the ability to complete technical testing and provide informational updates to leadership and executive staff. Responsibilities: . Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: . Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certifications preferred: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
16/10/2024
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Security Assurance Testing Engineer. for Blue Team activities. Candidate will be responsible for security testing and helping to manage the configuration baseline process. This position is a junior to midrange engineering position that requires the ability to complete technical testing and provide informational updates to leadership and executive staff. Responsibilities: . Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: . Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certifications preferred: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Security Assurance. This role is focused on testing, configuration, review, and assessment of security postures such as cloud, penetration testing, networking, operating systems, DevOps, applications, etc. They will need experience with operating system control framework such as CIS Benchmark or STIG desired. Responsibilities: Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of company security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of the company Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure
16/10/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Security Assurance. This role is focused on testing, configuration, review, and assessment of security postures such as cloud, penetration testing, networking, operating systems, DevOps, applications, etc. They will need experience with operating system control framework such as CIS Benchmark or STIG desired. Responsibilities: Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of company security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of the company Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Security Assurance. This role is focused on testing, configuration, review, and assessment of security postures such as cloud, penetration testing, networking, operating systems, DevOps, applications, etc. They will need experience with operating system control framework such as CIS Benchmark or STIG desired. Responsibilities: Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of company security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of the company Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure
16/10/2024
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Associate Principal, Security Assurance. This role is focused on testing, configuration, review, and assessment of security postures such as cloud, penetration testing, networking, operating systems, DevOps, applications, etc. They will need experience with operating system control framework such as CIS Benchmark or STIG desired. Responsibilities: Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of company security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of the company Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends Continue to support, grow, and assist the development of current processes and tools Qualifications: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
15/10/2024
Contractor
Contract - Cybersecurity Infrastructure Engineer/Architect Rate: Open Location: Remote in the United States *We are unable to provide sponsorship for this role* Qualifications 8+ years of Security Infrastructure focus with an emphasis on the following: Security Design, Infrastructure security, Cloud migration, Citrix cloud, SDWAN security, VPN, GitHub security, MS Power platform, MS co-pilot Experienced in large enterprise environments is a must Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Responsibilities Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
15/10/2024
Contractor
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
NO SPONSORSHIP Security Assurance Engineer SALARY: $150K - $165K PLUS 15% BONUS LOCATION: CHICAGO Hybrid 3 days onsite and 2 days remote You will be responsible for security testing, configuration, baseline process and perform a variety of assessments. loud assessments, light penetration testing, network operating, system assessments testing. blue team activities security controls and standards AWS networking operating systems cloud security devops security testing enterprise applications prior vulnerability management security remediation detailed experience with operating system control framework such as cis benchmark or STIG desired certifications strongly preferred Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Qualifications: Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Technical Skills: Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Education and/or Experience: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certificates or Licenses: Strongly prefer at least one of the following certifications: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
15/10/2024
Full time
NO SPONSORSHIP Security Assurance Engineer SALARY: $150K - $165K PLUS 15% BONUS LOCATION: CHICAGO Hybrid 3 days onsite and 2 days remote You will be responsible for security testing, configuration, baseline process and perform a variety of assessments. loud assessments, light penetration testing, network operating, system assessments testing. blue team activities security controls and standards AWS networking operating systems cloud security devops security testing enterprise applications prior vulnerability management security remediation detailed experience with operating system control framework such as cis benchmark or STIG desired certifications strongly preferred Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Qualifications: Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Technical Skills: Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Education and/or Experience: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certificates or Licenses: Strongly prefer at least one of the following certifications: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
NO SPONSORSHIP Security Assurance Engineer SALARY: $150K - $165K PLUS 15% BONUS LOCATION: Dallas, TX Hybrid 3 days onsite and 2 days remote You will be responsible for security testing, configuration, baseline process and perform a variety of assessments. loud assessments, light penetration testing, network operating, system assessments testing. blue team activities security controls and standards AWS networking operating systems cloud security devops security testing enterprise applications prior vulnerability management security remediation detailed experience with operating system control framework such as cis benchmark or STIG desired certifications strongly preferred Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Qualifications: Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Technical Skills: Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Education and/or Experience: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certificates or Licenses: Strongly prefer at least one of the following certifications: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
14/10/2024
Full time
NO SPONSORSHIP Security Assurance Engineer SALARY: $150K - $165K PLUS 15% BONUS LOCATION: Dallas, TX Hybrid 3 days onsite and 2 days remote You will be responsible for security testing, configuration, baseline process and perform a variety of assessments. loud assessments, light penetration testing, network operating, system assessments testing. blue team activities security controls and standards AWS networking operating systems cloud security devops security testing enterprise applications prior vulnerability management security remediation detailed experience with operating system control framework such as cis benchmark or STIG desired certifications strongly preferred Perform a variety of assessments under the guidance of senior team members which could include cloud assessments, light penetration testing, and network and operating system assessments Perform guided reviews of security, network, applications, and cloud environments Produce reports and artifacts for various levels of leadership and staff relating to security related activities Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise Qualifications: Requires working knowledge of security controls and standards for a variety of technologies including networking, operating systems, Cloud Security, DevOps, and Security Testing. Ability to participate in multiple concurrent testing assignments while maintaining high quality of work Ability to think critically about the relative risk of security observations within the context of the overall environment and controls Technical Skills: Experience supporting server operating systems, networking, and enterprise applications Experience with AWS Services including automation services (Lambda, JSON, etc) Experience with DevOps Pipelines and GitHub Repos Architectural understanding and expertise of cloud and hybrid cloud infrastructure Education and/or Experience: Three years of experience with Security Engineering activities and testing. One to two years of experience with DevOps processes One to two years of experience with AWS architecture and services. Prior experience as a systems or network engineer desired Prior experience with vulnerability management and security remediation desired Detailed experience with operating system control framework such as CIS Benchmark or STIG desired Certificates or Licenses: Strongly prefer at least one of the following certifications: AWS Certified Solutions Architect AWS Certified Security Specialty Certification Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) GIAC Cloud Security Essentials (GCLD) GIAC Cloud Security Automation (GCSA) GIAC Security Essentials (GSEC) GIAC Defensible Security Architecture (GDSA)
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
02/10/2024
Contractor
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing