Citizen
Full Time
Direct Hire
UG :- - Not Required
PG :- - Not Required
No of position :- ( 1 )
Post :- 16th Jul 2022
The Staff Security Engineer is an integral part of the Security Engineering and architecture group. Owns performing threat modelling, secure architecture review, DevSecOps pipeline build, Penetration Testing (Application, Mobile App, Cloud, Infrastructure)
Security Engineer will be working closely with Engineering, IT, Engineering teams to architect, build, deploy Security tools, provide guidance on vulnerabilities, remediations and mitigations.
Experience
Possesses detailed insights of a variety of attack patterns, threats, malicious actors, exploits and common vulnerabilities
Has deep insights of Application Security S-SDLC Lifecyle framework with OWASP TOP 10, SANS 25
Has deep insights of SAST, DAST, SCA (OSVM), IaC (Terraform, CloudFormation) security
Has prior experience on Public Cloud Security and tooling (Prisma Cloud, Twistlock)
Demonstrates knowledge of current and emerging threats
Has deep knowledge of Cloud Security and Application Security Concepts
Has deep knowledge of Enterprise Security Architecture
Has prior experience on scripting Bash, Python, TFE, Scripting skills
Key Responsibilities
Learns about Synopsys business initiatives, products and attack surface to drive relevant security detections
In this role, you will help architect, deploy security solutions, tools for Application and Public Cloud Security.
You will work cross-functionally with your peers in Information Security, IT and Engineering
Research and evaluate new technology products for pilot or implementation to implement defensive measures
Develop and present security tooling deployment, documentation, Run books and SOPS for operations
Develop technical solutions and new security tools to mitigate security vulnerabilities
Partners with Security Engineers and Architects to drive improvements in technology and policy governance
Qualifications
Highly proficient with Scripting Python, JSON, Jenkins, TFE (Terraform Workspace), Java
experience Data Security concepts Data classifications, Data Security Handlings, Encryption (TDE, Application Level Encryption)
experience of Analyzing and threat hunting evolving Application and Cloud Security threats and incorporate in internal frameworks using automations
Excellent background of foundational of Application and Cloud Security concepts (AWS, Azure)
5 years of relevant Cyber Security Application Security Architecture and Tooling Deployment
Presenting security risks to wide audience including senior management
Excellent attention to detail and ability to task-switch
Ability to communicate and work seamlessly in a global team