

DevSecOps Strategy & Implementation: Define and execute a DevSecOps roadmap that integrates security into CI/CD pipelines, Kubernetes, serverless applications, and AI-driven chatbot platforms
Azure Chatbot Security: Implement secure AI and chatbot architectures in Azure, ensuring compliance with security standards, data protection, and access control.
Databricks Security & Data Protection: Secure data lakes, ML models, and Databricks notebooks by implementing role-based access control (RBAC), encryption, and compliance monitoring
Security Automation & Infrastructure as Code (IaC): Automate security controls using Terraform, Ansible, Bicep, and Azure Policy to enforce security in cloud-native deployments
Azure Key Vault & Secrets Management: Design and implement secure identity and secrets management strategies, ensuring API keys, encryption keys, and credentials are properly managed.
Digital Rights Management (DRM): Implement data protection, rights management, and access controls to ensure secure handling of intellectual property, digital assets, and sensitive data across applications and data platforms
Cloud & Container Security: Establish best practices for securing containers, Kubernetes, microservices, and serverless functions, including runtime security and policy enforcement
MITRE ATT&CK-Based Threat Modeling & Risk Management: Utilize MITRE ATT&CK techniques to enhance threat modeling, detection engineering, and security response strategies for applications, infrastructure, and data environments
Zero Trust & API Security: Enforce security controls around OAuth, SAML, JWT, Zero Trust, and API gateways to secure applications, chatbot interactions, and Databricks data pipelines
Security Monitoring & Incident Response: Leverage MITRE ATT&CK tactics to design threat hunting, detection, and response strategies using SIEM, XDR, and threat intelligence tools
Compliance & Governance: Ensure DevSecOps implementations align with NIST, CSA, CIS, ISO 27001, and regulatory requirements (e.g., SOX, GDPR, CMMC, HIPAA)
Collaboration & Training: Partner with development, IT, and security teams to build security awareness and advocate for secure coding, DevSecOps best practices, AI security, and data security
Security certifications (CISSP, CSSLP, CCSP, CKS, OSCP, GCSA, or similar)
Hands-on experience with CI/CD tools (Azure DevOps, GitHub Actions, GitLab CI/CD, Jenkins, ArgoCD, etc.)
Expertise in Azure Security Services, including Azure Key Vault, Azure Sentinel, Defender for Cloud, and Security Center
Experience securing AI-driven chatbot platforms (Azure Bot Service, OpenAI GPT, or similar)
Strong knowledge of cloud security (Azure, AWS) and container security (Kubernetes, Istio, Docker)
Experience securing Databricks workloads, data lakes, ML pipelines, and Spark environments
Familiarity with Digital Rights Management (DRM) strategies for protecting sensitive assets
Strong experience leveraging MITRE ATT&CK for threat modeling, detection engineering, and adversary simulation
Experience implementing SAST, DAST, SCA, and RASP security solutions in DevOps workflows
Familiarity with SOAR, SIEM, XDR, and threat intelligence tools
Experience working with API security, OAuth2, JWT, SAML, and microservices security
Strong understanding of secure coding principles, threat modeling, and OWASP Top 10
Excellent communication skills to influence development teams, data engineering teams, and executive leadership
Minimum Qualifications
Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or equivalent experience in a related field
Minimum five (5) years of experience in DevSecOps, cloud security, or cybersecurity architecture
Hands-on expertise in securing cloud-based AI/chatbot solutions, data platforms (Databricks), CI/CD workflows, and software development
Strong background in cloud security, automation, and compliance
Ability to design scalable and secure application architectures
Passion for fostering a security-first DevOps culture
or at +1-408-352-2808
. Please ensure that you have searched
משרות נוספות שיכולות לעניין אותך