Information Security Engineer - DevSecOps - Remote
This Jobot Job is hosted by: Melanie McSweeney Are you a fit? Easy Apply now by clicking the "Apply Now" button and sending us your resume. Salary: $125,000 - $135,000 per year
A bit about us:
Nonprofit Research Organization In business for over 70 years 1,800 employees
Why join us?
Great Benefits: Medical, Dental, Vision 9 paid holidays 20 Days of PTO per year 9 sick days per year Wellness Programs Health Flex Spending Account Dependent Car Flex Spending Account https://apply.jobot.com/jobs/information-security-engineer-devsecops/1199017990/?utmsource=Dice - care.com Short Term and Long Term Disability Maternity, Parent, Caregiver Leave Life Insurance Adoption Assistance Reimbursement Tuition Reimbursement 401(a) - 20% vested after 2 years, 50% after 3 years, %100 vested after 4 years
Job Details
Seeking an Information Security Engineer, DevSecOps with a strong background in both cybersecurity and API-driven automation and orchestration to join the Information Security Architecture and Engineering team. The Architecture and Engineering team applies next generation technologies to combat the efforts of advanced persistent threat (APT) adversaries in their attempts to infiltrate and disrupt our computing services. The candidate will apply their experience to streamline ongoing operations while identifying and pursuing opportunities to continuously improve the impact and reliability of our cyber deterrence capabilities applying zero trust architecture (ZTA) network principles through API-driven automation to integrate systems, orchestrate workflows and perform quality assurance checks on network and system configurations. The engineer will identify, design, and develop solutions to integrate systems for better interoperation, facilitate continuous quality control of systems configurations, and streamline the analysis of systems vulnerabilities and assist with threat hunting. As we transition the bulk of its computing services to cloud infrastructure and services, this role will work with others on the team to identify areas where automation could benefit the cloud security posture. The information security team plays an integral role in securing all information systems by setting and verifying security and policy requirements.
DUTIES AND RESPONSIBILITIES
Developed automated orchestration routines to ensure ongoing protection of cloud services,
Design and develop solutions to integrate systems across the network to improve interoperation as well as to continuously verify systems configuration against baselines,
Identify, select, and deploy emerging cloud and hybrid cloud security services across cloud services,
Diagnose and troubleshoot cyber-related network and system performance deficiencies,
Contribute to the development and maturation of the cybersecurity strategy and roadmap,
Apply engineering principles to the management of cyber infrastructure services,
Work with all software and web development teams to ensure sound security practices and security is designed and built into the applications from the ground up.
Self-motivated and fully responsible for leading technology deliverables, analyzing gaps and driving improvements to cyber-deterrence capabilities,
Provide input to security policies and standards in accordance with changes in regulations, best practices, industry trends or controls required by contracts and grants.
Experience with relational and NoSQL database technologies
Experience with C/C#, web frameworks (e.g., Django, Flask or React), Java, JavaScript, Python, Docker and other abstraction and containerization technologies
Experience designing, implementing, and maintaining cybersecurity configurations in network, boundary appliances or application services
Some experience working with leading SaaS platform APIs such as Workday, Salesforce or Office 365
MINIMUM QUALIFICATIONS
A minimum of 5 years' experience in engineering and cyber deterrence with 3 years' experience in software engineering with languages such as JavaScript and Python
A minimum of 3 years' experience with at least one of AWS, Azure or Google Cloud Platform
Cloud orchestration technologies including such as AWS CloudFormations, Azure Kubernetes, and Durable Orchestration
Hybrid cloud security platforms such as Armor Anywhere and Cloudvisory
Secure coding standards including OWASP
Securely managing credentials and secrets for general coding and cloud APIs
Cyber forensics - conducting cyber investigations and diagnosing indicators of compromise
Proficiency with infrastructure as code, configuration management and version control systems
Requirements' definition, gap analysis and technology assessment and selection
Industry engagement - ND-ISAC, RSA, Blackhat and others
Understanding of capabilities central to securing enterprise networks including end point protection, detection and response services, network intrusion detection and prevention systems, behavior-based malware detection, and memory forensics
Stand-out qualifications that would put you ahead of other candidates
Lead developer responsible for the full stack development of a multitier application responsible for auditing, ensuring the compliance or assisting with threat hunting on a network
Developed a cyber solution that applied machine learning techniques to advance network security, visibility, or adherence to the security governance
EDUCATION AND CERTIFICATIONS
A Bachelor's Degree in Computer Science or equivalent field of study
One or more IT and Cyber Security certifications such as AWS Certified Security, Azure Security Engineer Associate, CSK, CCSP, CISSP, CISA, GCSA, and Security+
Interested in hearing more? Easy Apply now by clicking the "Apply Now" button.