Security Engineer (Application Security, Devsecops)

Details of the offer

Job Summary
This role involves collaborating with different teams to develop and maintain secure cloud architectures in line with best practices. It includes setting up continuous asset monitoring, administering security controls across cloud infrastructure, and implementing secure practices in development lifecycle and containerization platforms. The role also requires developing automated security tools for integration into the CI/CD pipeline, conducting regular security testing and vulnerability scanning, and assessing data flows for potential security risks. Furthermore, the role involves providing guidance to other teams, managing vulnerability resolution, and participating in incident response efforts. Understanding of secure software development practices and DevSecOps methodologies.
Job Requirements
Experience in security engineering and DevSecOps.
Lead and oversee all aspects of the Secure Software Development Lifecycle.
Implement and manage security tools within the CI/CD pipeline, focusing on DevSecOps practices.
Conduct threat modeling, design, and architectural reviews to identify potential risks.
Support third-party penetration testing by analyzing vulnerabilities and assessing their potential impact and exploitability.
Possess a foundational understanding of web application security.
Demonstrate strong knowledge of cloud computing platforms like AWS, Azure, GCP and their associated security services and features.
Experience with SAST, SCA, and DAST, with the ability to address real-world challenges in these areas.
Understand runtime security, image scanning, network security, access control, host OS hardening, and vulnerability management in the container lifecycle.
Knowledgeable in Kubernetes and the implementation of best practices.
Proven expertise in using Terraform and other infrastructure as code tools, managing vulnerabilities, policies and implementing best practices.
Handle vulnerability management for images.
Adaptable and capable of exploring various products with a wide range of tools and pipelines.
Familiarity with CI/CD tools such as GitHub Actions, Jenkins or TeamCity.
Stay informed about emerging security threats and technologies, offering recommendations for security enhancements.
Experience in automating security controls.
Understanding of networking and communication protocols like TCP/IP, UDP, SSL/TLS, IPSEC, HTTP, HTTPS, BGP.
Proficiency in scripting or programming languages like Python, Gol, Ruby for security automation and integration.

Education
Required 4 years of experience in the security domain.
Bachelor's degree in computer science, Information Security, or a related field.


Nominal Salary: To be agreed

Source: Eightfold_Ai

Requirements

Contact Center Representative

Job ID 25-474 Come Join Our Passionate Team! At Barracuda, we make the world a safer place. We believe every business deserves access to cloud-enabled, ent...


Barracuda Networks Inc. - Karnataka

Published 18 days ago

Solution Architect: Data Platforms

Create Solution Outline and Macro Design to describe end to end product implementation in Data Platforms including, System integration, Data ingestion, Data ...


Ibm Careers - Karnataka

Published 9 days ago

Package Specialist: Sap Hana Basis

As an SAP Consultant, you are responsible for the technical design and implementation of the solution at our clients. You are an expert in your subject and a...


Ibm Careers - Karnataka

Published 9 days ago

Software Development Manager

Who you are: As a development Manager, you will use your knowledge and experience to help drive IBM Cloud Storage project priority .You'll lead complex progr...


Ibm Careers - Karnataka

Published 9 days ago

Built at: 2025-01-15T22:06:18.037Z