Required qualifications, capabilities, and skills
- Formal training or certification on software engineering* concepts and 5+ years applied experience
- Hands-on experience, including technical depth in one or more technology areas, such as: Cloud Enablement Design & Migration, Infrastructure Design, Distributed Technologies, and/or Messaging Technology.
- Knowledge of network architecture concepts, including topology, protocols, components, principles, fault domains and failure modes
- Understanding of latest cyber threats, attacking techniques and mitigating strategies (ie. blast radius analysis, workload placement)
- Knowledge of software-related information technology (IT) security principles and methods (e.g., modularization, layering, abstraction, data hiding, implicitly / minimization...)
- Familiarity with Terraform and Infrastructure As Code (IaC) principles and tooling
- Skilled in conducting application and infrastructure design reviews/assessment and recognizing weaknesses vulnerabilities in systems
- Hands-on experience experience of developing, engineering or architecting within a public cloud environment
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
Preferred qualifications, capabilities, and skills
- Knowledge of system and application vulnerabilities e.g. MITRE ATT&CK framework, OWASP, NIST, SANS , etc.
- Prior experience in disaster and/or cyber recovery planning and testing.
- Prior experience working with external auditors and regulators would be advantageous
- Programming experiences in one or more languages (scripting/functional/imperative -- C/C++, Java, Python, Scala, R, SQL, etc.) would be advantageous
- Certified as a AWS Solutions Architect, Azure Solutions Architect and/or CISSP