Senior Cloud Engineer - GA at Horizontal Talent in Atlanta, Georgia
Posted in Other about 2 hours ago.
Job Description:
Required
-
B.S. degree in Computer Science, Computer Engineering, Information Assurance or related field
-
Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development or related field
-
Extensive knowledge with dynamic scanners like Palo Alto Prisma or VeraCode.
-
Extensive knowledge of the OWASP Top 10
-
Experience with vulnerability risk and impact assessment
-
Experience integrating security capabilities in cloud and application lifecycle management platforms especially in a DevOps model
-
Extensive knowledge of the secure development lifecycle
-
Extensive knowledge with static analysis tools and flaw triage such as HP Fortify, IBM Rational, Veracode or Coverity, FindBugs, FindSecurityBugs, Brakeman and Open Source scanning tools such as Sonatype CLM
-
Extensive knowledge with vulnerability scanners like Qualys and Tenable
-
Excellent written and verbal communication skills
-
Strong sense of urgency and ownership
Preferred
-
Extensive experience in application security and ethical hacking
-
Extensive experience exploiting web, mobile and application security vulnerabilities
-
Extensive experience in software development
-
Extensive experience integrating secure coding techniques with product teams
-
Professional certifications such as CISSP, CISM, OSCP and CEH
Responsibilities:
Key Responsibilities:
-
Identify weaknesses and vulnerabilities that affect the confidentiality, integrity and availability of corporate protected, sensitive and confidential company information and data
-
Conduct Static Application Security Test (SAST) and Dynamic Application Security Test (DAST) using VeraCode
-
Work within the DevSecOps model to secure Containers, withing ROSA, Tekton and OpenShift pipelines
-
Possess a knowledge of CI/CD orchestration tools such as Jenkins, Tekton, GitLab, or Bamboo.
-
Provide operational support for container security tools (Palo Alto Prisma, Aqua, or equivalent)
-
Perform Baseline Image validation of new container template images.
-
Perform Vulnerability scans on container environments. Develop, test, and maintain containerized applications security
-
Troubleshoot any connectivity or operational issues.
-
Ensure security requirements are implemented within various stages of the system development lifecycle process; work closely with development teams to pen test new features within internally developed applications
-
Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend secure coding practices
-
Validate and address vulnerability / threat findings from static and dynamic analysis tools
-
Characterizes threats and provides recommendations for remediation; manages remediation efforts to completion
-
Develops and presents finding and remediation reports to audiences including team members from all department areas and levels of the company
-
Perform security reviews of software designs and assist developers to ensure quality and robustness of our internal products
-
Conduct security assessments against web applications and APIs across a variety of technology stacks
-
Ensure adequate security requirements and privacy by design are built into all architecture/infrastructure/projects
-
Integrating
-
threat
-
modeling
-
practices
-
into
-
the
-
application testing
-
lifecycle
-
-
Impart application security and ethical hacking subject matter expertise into team processes
-
Drive improvements in the security testing practice to include execution methodology and metrics
-
Partner effectively with development and infrastructure teams to integrate security
-
Drive awareness and knowledge of security in developers
-
Effectively communicate technical issues to non-technical leaders
-
Continually improve proficiency in application and API exploitation, tools, techniques, and countermeasures
More jobs in Atlanta, Georgia
|
Hilton Global |
|
KinderCare Education LLC |
|
MMC |