Bachelor's Degree in Computer Science, Information Systems, or in an associated discipline or an equivalent combination of education and training that provides the required knowledge, skills and abilities
8 years of hands-on experience in working with engineering teams on design and implementation of security best practices in architecture and code.
5 years of software experience, both front-end and back-end development using Java 8 , Spring, Hibernate, Python, relational databases (Oracle, PostgreSql, etc.), REST Services, Spring Boot and Microservices architecture.
Demonstrated understanding of security standards and information security and compliance frameworks, controls and best practices.
Extensive knowledge and experience in applying technology infrastructure and cybersecurity concepts, cybersecurity architecture and engineering principles, security of networks, systems, applications and data
Experience with cyber vulnerability assessment
Experience with cyber network exploitation and offensive and defensive cyber operations
Solid understanding of Cloud technologies and offerings such as AWS or Azure with at least expertise and/or certification in one while having an aptitude and appetite to learn others.
Solid understanding and experience architecting container-based solutions using Docker, Docker Swarm, Kubernetes, or similar products.
Deep understanding of iPaaS, API Management, and application integration methodologies.
Experience in Agile/Scrum environment
Experience working with development teams and demonstrated the ability to clearly explain the remediation of findings to product owners.
Must be able to obtain and maintain a Public Trust Clearance
Preferredqualifications:
Knowledge of threat modeling or other risk identification techniques.
Knowledge of web application vulnerabilities and remediation techniques.
Knowledge of system security vulnerabilities and remediation techniques.
Knowledge of maintaining security continuous monitoring.
Experience with AWS platform services, and application/service deployment in AWS
Compliance needs like FISMA, FedRAMP, FIPS and the concept of continuous compliance in the cloud