Cloud Application Security Engineer

Job Description:

As our client’s security team is growing they are nowlooking for an experienced Security professional. This role will impactmillions of people globally.

Main Responsibilities:

•             Automateand integrate security tooling into CI/CD pipelines at scale.

•             Secureinternet facing customer-facing applications that reside on the public cloud(AWS) and Advising on best practices such as WAFs

•             Evaluate,implement and operationalize additional tooling as needed. With a focus on AWSsecurity tooling such Guard Duty, security hub etc

•             Designthe product security requirements, frameworks, services and standards used byproduct development teams.

•             Assessproducts for the security of the application and infrastructure. Includingcloud native infrastructure such as Lambda Dynamo DB

•             Driveremediation of any security issues found.

•             Provideassurance that product security requirements are implemented and effective.

•             Arbitratecritical decisions correctly considering software best practices, systemrealities, and numerous stakeholders’ concerns.

•             Partnerwith our infrastructure teams to grow our use of automation and infrastructureas code practices and allow us to operate securely at scale.

•             Partnerwith our infrastructure teams to grow our use of automation and infrastructureas code practices and allow us to operate securely at scale.

•             Communicatesecurity topics to product teams through training and technical demonstrationof vulnerabilities and secure design patterns.

•             Leaddevelopment of new product security features to support the security needs ofthe client and its customers.

•             Improveengineering standards, tooling, and processes.

Requirements:

•             5years-experience in DevSecOps, Application Security, Penetration testing or similar.

•             Previousexperience in regulated industries, ideally Finance.

•             Experiencewith securing AWS, AWS Native Services, Infrastructure as Code,Containerization, and Software Development processes.

•             Relevantsecurity training (OSCP, CCSP, GCSA, AWS Security)

•             Excellentunderstanding of AWS and Network Security Standards.

•             Excellentunderstanding of automated deployments and auto-scaling applications.

•             Experiencebuilding security into deployment pipelines.

•             Experiencewith penetration testing a plus

‍