Senior Cloud Engineer
Company: Datum Software, Inc
Location: Atlanta
Posted on: January 27, 2023
|
|
Job Description:
Sr. Cloud Engineer #35132
Long-Term Contract
Atlanta, GA
-
-
Qualifications:
-
--- B.S. degree in Computer Science, Computer Engineering,
Information Assurance or related field
--- Minimum 5+ years of professional experience in application
security, penetration testing, security assessment, secure software
development or related field
--- Extensive knowledge with dynamic scanners like Palo Alto Prisma
or VeraCode.
--- Extensive knowledge of the OWASP Top 10
--- Experience with vulnerability risk and impact assessment
--- Experience integrating security capabilities in cloud and
application lifecycle management platforms especially in a DevOps
model
--- Extensive knowledge of the secure development lifecycle
--- Extensive knowledge with static analysis tools and flaw triage
such as HP Fortify, IBM Rational, Veracode or Coverity, FindBugs,
FindSecurityBugs, Brakeman and Open Source scanning tools such as
Sonatype CLM
--- Extensive knowledge with vulnerability scanners like Qualys and
Tenable
--- Excellent written and verbal communication skills
--- Strong sense of urgency and ownership
-
Preferred Qualifications:
-
--- Extensive experience in application security and ethical
hacking
--- Extensive experience exploiting web, mobile and application
security vulnerabilities
--- Extensive experience in software development
--- Extensive experience integrating secure coding techniques with
product teams
--- Professional certifications such as CISSP, CISM, OSCP and
CEH
-
Responsibilities:
-
--- Identify weaknesses and vulnerabilities that affect the
confidentiality, integrity and availability of corporate protected,
sensitive and confidential company information and data
--- Conduct Static Application Security Test (SAST) and Dynamic
Application Security Test (DAST) using VeraCode
--- Work within the DevSecOps model to secure Containers, withing
ROSA, Tekton and OpenShift pipelines
--- Possess a knowledge of CI/CD orchestration tools such as
Jenkins, Tekton, GitLab, or Bamboo.
--- Provide operational support for container security tools (Palo
Alto Prisma, Aqua, or equivalent)
--- Perform Baseline Image validation of new container template
images.
--- Perform Vulnerability scans on container environments. Develop,
test, and maintain containerized applications security
--- Troubleshoot any connectivity or operational issues.
--- Ensure security requirements are implemented within various
stages of the system development lifecycle process; work closely
with development teams to pen test new features within internally
developed applications
--- Apply software development skills (e.g., Java, C#.NET,
JavaScript) to recommend secure coding practices
--- Validate and address vulnerability / threat findings from
static and dynamic analysis tools
--- Characterizes threats and provides recommendations for
remediation; manages remediation efforts to completion
--- Develops and presents finding and remediation reports to
audiences including team members from all department areas and
levels of the company
--- Perform security reviews of software designs and assist
developers to ensure quality and robustness of our internal
products
--- Conduct security assessments against web applications and APIs
across a variety of technology stacks
--- Ensure adequate security requirements and privacy by design are
built into all architecture/infrastructure/projects
--- Integrating threat modeling practices into the application
testing lifecycle
--- Impart application security and ethical hacking subject matter
expertise into team processes
--- Drive improvements in the security testing practice to include
execution methodology and metrics
--- Partner effectively with development and infrastructure teams
to integrate security
--- Drive awareness and knowledge of security in developers
--- Effectively communicate technical issues to non-technical
leaders
--- Continually improve proficiency in application and API
exploitation, tools, techniques, and countermeasures
-"All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, disability, or
status as a protected veteran"
-
Keywords: Datum Software, Inc, Atlanta , Senior Cloud Engineer, Engineering , Atlanta, Georgia
Click
here to apply!
|