This Job Vacancy has Expired!

Cyber Security Software Engineer - CI/CD - IAM - Triage security - Prisma - GCP - SAST - GitHub

Nexere Consulting Limited

Posted on Apr 25, 2021 by Nexere Consulting Limited

Amsterdam, Noord-Holland, Netherlands
Immediate Start
€80 - €110 Hourly

Cyber Security Software Engineer is required to work on a 6 monthly rolling contract covering projects across Benelux & DACH region(s). The Cyber Security Software Engineer will have at least 8 years experience of working across multinational projects within a Cyber Security software engineering team. Consultants from a Telecom, Manufacturing, Retail background will be highly advantageous. This role is more of a coaching/facilitating role rather than a doing role.

The ideal candidate will:

  • Work with Engineering Domain Manager/PEMs to identify ways of working with cyber security activities, IT Control Objectives and risk. (ex. visualization, EDM, PEM and EM review expectations).
  • Be ready to help teams work with and prioritize with security findings.
  • Assist with finding owners and a path forward for cross-team security issues.
  • Identify when escalation is needed to address systemic issues.
  • Experience helping teams assess security posture and assisting in prioritizing next steps.
  • (For a short time until we have a system set up): Keeping track of which activities are necessary for a team and helping them to coordinating the setup of target, relevant activities.
  • Cyber Engineer for Software Engineering
  • Knowledge of Agile development strategies (ex. Lean, Kanban, Scrum, etc.)
  • Experience with GitHub and working knowledge of gitflow
  • Threat modelling experience with a variety of methodologies and willingness to adapt approach
  • Experience automating security scanning into CI/CD pipelines (experience with GitHub actions and/or CloudBuild preferred)
  • Experience triaging security scan results (secrets scanning, SAST (Polaris), SCA (Blackduck), cloud configuration (Prisma), Container and IAM scanning (Twistlock)
  • Experience with securing cloud resources (experience with GCP preferred)
  • Software security specific knowledge:
  • Secrets management
  • DNS
  • IAM (OAuth2, AD)
  • API (endpoint) management
  • Knowledge of different security considerations for applications that run in:
  • VMs
  • Containers (Kubernetes, Openshift, AppEngine)

Reference: 1178427721

Set up alerts to get notified of new vacancies.