Job ID 1122
Alpharetta, GA, 30004
6 - 15 years experience
104244 - 169320 Annual
IT-Software, Software Services
1 of Openings
We are looking for an experienced Developer to join our SecDevOps team.
Must have a passion for securing applications and pipelines, knowledge of application security risks, and a willingness to share that knowledge with development teams.
The SecDevOps engineer will implement cutting edge security technologies inside SecDevOps pipeline processes.
Experience in Full Stack development in an AWS environment, and a good understanding of Front- and Back-end system security, along with pipeline and Application Security is vital.
What Part Will You Play?
Working with Infosec teams and Product Owners to achieve alignment between information security and business change objectives
Architect, design and provide implementation patterns of security controls throughout solution delivery lifecycle.
Design and develop generic security patterns and guidelines to enable applications stay compliant - integrate them Application and DevOps processes and CI/CD pipelines from early stages of the lifecycle
Evaluate and onboard security tools such as RASP, WAF, SAST, vulnerability and open source scanning into the SecDevOps life cycle for multiple tech stacks
Drive continuous improvement to both the SecDevOps pipelines and processes, and to the Information Security tools, services, and processes
Experience working in an agile, DevOps/SecDevOps environment
S or M.S in Computer Science or other related engineering fields
3+ years of experience working in a Software Engineering role with a solid foundation in programming, algorithms, and software application design
2+ years of experience working in a Security role handling on premise and cloud infrastructures
3+ years of experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for everyday deployments
Experience with Kubernetes, AWS, SaltStack, Docker, and Kafka.
Experience converting feedback from security analysis tools (Threat Stack, Amazon Inspector, etc.) into infrastructure improvements
Hands-on experience with tools and technologies used throughout secure SDLC such as AppScan, Fortify, Veracode, WhiteSource etc.
Knowledge of common software and web application security vulnerabilities crypto primitives, authentication protocols and authorization standards such as SSL/TLS, OAuth, JWT tokens etc.
Knowledge of cryptographic principles and practice, security attack vectors and application security vulnerabilities such as SQL Injection, Cross Site Scripting, CSRF etc.
For Job Seekers
Current Job Opportunity
Executive & Permanent Search
Temporary / Contract Staffing
Temporary To Permanent Staffing