Senior Security Container Vulnerability Engineer
Posted on Sep 30, 2020 by Request Technology
A prestigious company is on the search for a Sr. Security Container Vulnerability Engineer. The key to this role is container technologies and to be able to use vulnerability scanning tools like Twist, Lock, and Aquasec. They are also looking for someone with Python Scripting experience and experience with the following technologies: AWS, Docker, open shift, Jaeger, CICD, and Ansible.
- Conduct platform or operating system vulnerability scans that assess exposure of system to attacks or hacking. Monitor Security Operations pager and respond to issues of potential viral activity, spam, phishing, etc.
- Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.
- Investigate events or incidents of apparent security breaches and report to appropriate authorities using corporate procedures.
- Confer and collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported.
- May plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.
- Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports.
- Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. May provide guidance to infrastructure or application staff participating in exercise.
- Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data.
Education Level (Required)
Bachelor Degree or Equivalent
- Proficient in container installation, development and orchestration experience.
- Strong container vulnerability scanning hands on experience.
- Hands on and analysis experience with vulnerability scanning tools (ex: Twistlock, AquaSec and etc.)
- Experience with Python, bash, Linux Shell, Java, node or similar
- Experience with AWS concepts including CloudFormation, Terraform, or custom orchestration leveraging SDKs or directly interacting with APIs
- Experience in automation and deploying CICD tools and services (Jenkins Pipeline as Code, Git, Maven).
- Knowledge of Application and Infrastructure Security and vulnerabilities concepts.