DevOps Pen-Testing Security Engineer
Posted on May 27, 2022 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Financial Institution is currently seeking an DevOps Pen-Testing Security Engineer. Candidate is responsible for driving critical security related projects, managing day to day engineering and assessment tasks, cloud-based initiatives, and DevOps development for security related endeavors. This position is a senior engineering position that requires the ability to complete highly technical tasks as well as provide informational updates to leadership and executive staff.
- Perform cloud assessments, web application penetration testing, mobile application testing, network and operating system assessments
- Perform independent reviews of security, network, applications, and cloud environments
- Plan/Design/Execute security related activities with automation as the primary driver to align with security strategy and vision
- Produce artifacts for various levels of leadership and staff relating to security related activities
- Ensure alignment of security controls as part of Blue Team testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices
- Assist management with the improvement of policy and procedure to support Security Testing and Blue Team activities as well as other security duties which may arise
- Participate in developing security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends
- Continue to support, grow, and assist development current processes and tools
- Requires an in-depth knowledge of security controls and standards in relation to Cloud Security, Architecture, and Security Testing.
- Ability to manage multiple intricate projects with strict deadlines while maintaining best in class work.
- Ability to functionally serve as a primary point of contact across multiple teams within the organization and to lead projects for the entirety of the life cycle.
- Experience with AWS Services including automation services (Lambda, JSON, etc )
- Experience with DevOps Pipelines and GitHub Repos
- Architectural understanding and expertise of cloud and hybrid cloud infrastructure
- Willingness to train and learn HashiCorp Product line to include Terraform, Sentinel and Hashi Coding Language (HCL) for automated deployment of security tools and services
- Five years Experience with Security Engineering activities and testing.
- Three years of experience with DevOps processes
- Three years experience with AWS architecture and services.
Certificates or Licenses:
- Certification in at least one or more of the following:
- AWS Certified Solutions Architect
- AWS Certified Security Specialty
- HashiCorp Terraform Associate
- Certification Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- GIAC Cloud Security Essentials (GCLD)
- GIAC Cloud Security Automation (GCSA)
- GIAC Security Essentials (GSEC)
- GIAC Defensible Security Architecture (GDSA)