TOP 3 must-have skills you’re looking for? (Measurable skills, technologies, etc.)
a.) Coding and scripting experience – e.g. Powershell, Bash, Python or equivalent.
b.) Continuous Integration/Delivery Tools – e.g. Gitlab, Github, Jenkins
c.) Orchestration tools - e.g. Terraform, Ansible or CloudFormation
Essential Skills and Attributes:
Operations
- Use of orchestration tools such as Terraform, Ansible or CloudFormation
- Previous Analytic and troubleshooting experience is required
- Experience migrating application from on-premises to public cloud.
- Experience with Blue-Green deployment methodologies.
- Experience working with containerized workloads such as Docker and Kubernetes.
- Experience with Log Management tools e.g – Elastic Stack, Graylog or Splunk
- Experience working with an enterprise RDBMS such as MySQL, Postgres and/or Microsoft SQL Server.
- Knowledge of change control and associated procedures.
- Use of Secret Management services e.g - Hashicorp Vault
- Experience with any high-level programming language.
- Configuration Management tools – e.g. Ansible, Puppet, Chef or equivalents.
- Professional experience of working within the public cloud – Azure, AWS or GCP.
- Hands-on experience of Linux and Windows server including support and troubleshooting.
- System and application monitoring – e.g. Prometheus, Grafana, Nagios etc.
- Professional Experience with common source control tools – e.g Git, SVN
- Cloud Architecture and system design to solve key business problems and facilitate team goals.
- Strong and enthusiastic technologist, able to demonstrate a broad technical knowledge
- Ability to act as a point of expertise, advise others in the team on best practice and impart knowledge.
Development
- Coding and scripting experience – e.g. Powershell, Bash, Python or equivalent
- Continuous Integration/Delivery Tools – e.g. Gitlab, Github, Jenkins
- Orchestration tools - e.g. Terraform, Ansible or CloudFormation
- Cloud Architecture and system design to solve key business problems and facilitate team goals.
Security
- Hands-on experience performing application static/dynamic security and penetration assessment with tools such as – SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP Proxy, WebInspect, Fortify, Veracode, Nessus etc.
- Good understanding of defensive, corrective and detective controls and requirements
- Knowledge of OWASP Top 10/ SANS Top 25, identify vulnerabilities via manual and automated testing methods and how to effectively remediate vulnerabilities associated with each. Ability to recognize and escalate Security issues.
- Exposure to application security testing (source code review and web/mobile application penetration tests)
- Familiarity with different types of security vulnerabilities and tools for countermeasure
- The candidate should be well versed in Information security principles at an Intermediate level
Desirable Skills:
- Desirable – AWS / Azure Certifications
- Knowledge of software development and coding/scripting languages of Shell, Python, GoLang, Java, .NET, and Node.js and orchestration tools like Terraform, Ansible or CloudFormation.
- Understanding data processing proficiency in configuration design IT Infrastructure and monitoring management systems.
- Any DevOPS/IaC related experience using above listed areas supporting DBA(Database Administration) Support Infrastructure will be huge plus.
Qualifications:
- 5+ years experience and proven background working in a technical, Cyber Security related position.
- Bachelor's degree in computer science, computer engineering, information technology, or relevant field, or relevant experience. Proven background working in a technical, IT related position.
- Industry certification such as CSSP, AWS Certified Security, CSSLP desirable