Citizen
Full Time
Direct Hire
UG :- - Not Required
PG :- - Not Required
No of position :- ( 1 )
Post :- 20th Jul 2022
Embed security throughout the lifecycle of software delivery
Acts as a Subject Matter Expert for security processes, tooling and application. Help project teams in resolving the security issues.
Strategizing cloud security for clients
Building and defining security practices
Be able to automate and optimize security as per application lifecycle.
Play a consultant and advisory role to delivery team and clients
8-12 years experience working as a security engineer which includes responsibilities working directly with delivery teams to review code and systems architecture for vulnerabilities.
In-depth knowledge and experience with OWASP and SANS standards
Experience in manual and automation basic vulnerability assessment
Experience with at least 1 popular tool in each category of SAST, DAST, Dependency checking, and container vulnerability assessment, such as Checkmarx, Burp, ZAP, Fortify, Aqua, Trivy, etc.
Has Knowledge & working experience of Security Automation for cloud and cloud components.
Hands on experience with cloud security assessments. Hands-on experience of Cloud Security tools such as ScoutSuite, Prowler, Cloud Security Suite, etc.
In-depth understanding of web technologies, common web frameworks, their vulnerabilities and mitigations
Hands on experience with any one of public cloud technologies, preferably AWS (GCP or Azure optional )
Understanding of Infrastructure as Code, Containers, CI/CD security, Perform infrastructure as code reviews
Experience with Cloud Infrastructure problems Troubleshooting and resolving
Excellent communication and interpersonal skills
Preferred Skills:
Experience in the areas of Open Policy Agent (OPA) creation
Experience with security tools such as AWS Trusted Advisor, Guard Duty, CloudTrail, WAF, Amazon Macie
Experience in scripting languages like Python, Unix Shell (bash), etc.