Job responsibilities:

•Automate and orchestrate the process of Cloud software deployment (CI/CD) to integrate enterprise security standards, policies, configurations, and architectures, for applications, platforms, and infrastructure
•Assist DevOps team members with the development and operationalization of security, and access Cloud requirements
•Provide security engineering input to programs throughout the lifecycle to ensure systems meet NIST and Cloud standards
•Maintains current knowledge of relevant technology as assigned
•Ensure the security posture of applications seeking deployment into Production
•Demonstrate ability to review source code introduced by development teams (Python, PowerShell, Bash, Java, C#, C)
•Ability to work on multiple projects in parallel, ensuring security best practices are utilized across all stages of application development as well as applications deployed to production.

Preferred Qualifications:

•At least 3 years of relevant DevOps and Security experience with one or more public cloud technologies
•Knowledge and understanding of IT architectures, distributed systems and microservices
•Experience with programming languages and in writing automation scripts (Python, PowerShell, Bash, Java, C#, C )
•Knowledge and experience with containerization (Docker, Kubernetes, AKS)
•Knowledge and experience with CI/CD and DevOps tools such as GitHub/GitLab, Jenkins, Chef, Ansible, Puppet, Azure DevOps and Terraform
•Knowledge and experience with security / DevSecOps tools
•Understanding of cloud security and governance technologies such as WAF, IAM, CASB, and API Gateways
•Outstanding troubleshooting/problem solving abilities
•Exhibiting familiarity with Cloud Security Alliance, Center for Internet Security, ISC2, and SANS Cloud Security Standards for securing Cloud Applications, IaaS, PaaS, SaaS, Containers, and Microservices;
•Experience working with relevant security frameworks (PCI, NIST, ISO 27001, SOC1/2)
•Experience working with relevant cloud security frameworks/guidelines (CSA CCM, PCI Cloud Supplement, ISACA Cloud Computing Audit)
•Inquisitive and resourceful – not afraid to network within the organizations to ask relevant questions
•Excellent verbal and written communication skills – ability to explain complex concepts to a wide variety of individuals with varying technical skills
•Interacting with project management team members and key stakeholders on application projects
•Ability to handle sensitive and confidential information appropriately

Preferred Certifications:

•Microsoft Certified:
o Azure Fundamentals- AZ-900,
o Azure Developer Associate – AZ-204
o Azure DevOps Engineer Expert – AZ-400
o Azure Security Engineer Associate– AZ-500
•SANS - Cloud Security Automation (GCSA)
•ISC(2) - CISSP, CCSP
•Other similar professional certifications