Job responsibilities
- Executes standard security solutions in accordance with existing playbooks to satisfy security requirements for internal clients (e.g., product, platform, and application owners)
- Writes secure and high-quality code using the syntax of at least one programming language with limited guidance.
- Applies specialized tools (e.g., vulnerability scanner) to analyze and correlate incident data to identify, interpret, and summarize probability and impact of threats when determining specific vulnerabilities.
- Delivers risk-based assessments of secure technology controls relating to cloud services, cloud platforms and architectural components.
- Performs security reviews of infrastructure-as-code for cloud platform enhancements.
- Supports business technology teams to understand control requirements and associated scope dependent on cloud architecture.
- Interfaces with wider CTC teams ensuring platform integration with security operations, threat intelligence, IAM and network security
Required qualifications, capabilities, and skills.
- Formal training or certification on Security engineering concepts and 3+ years applied experience.
- Basic experience developing security engineering solutions.
- Demonstrable ability to code in one or more languages
- Experience across the whole Software Development Life Cycle
- Exposure to agile methodologies such as CI/CD, application resiliency, and security
- Working knowledge of information and network security, IT risk management, and architectural concepts and patterns
Preferred qualifications, capabilities, and skills
- Ability to interact within a cross Line of Business technology organization, empower people, build rapport, garnering respect.
- Willingness to understand technology processes such as resiliency, disaster recovery management, performance and capacity management required specific to the public cloud.
- Certifications in AWS, Azure, Google, security certifications, CCSP, CISA, CISSP, CISM or other information security certifications would be a significant advantage.
- Hands on experience of developing and/or architecting within a Public Cloud environment would be a significant advantage