| Cloud Container Security Engineer- Hybrid- Locals to GA Only at Atlanta, Georgia, USA |
| Email: [email protected] |
| From: k mahesh, Msysinc [email protected] Reply to: [email protected] Title: Cloud Container Security Engineer- Hybrid- Locals to GA Only Location: Atlanta, GA, USA Length: Long term Restriction: W2 or C2C Send resume to: [email protected] Description: **** Webcam interview*** ***13+ Months contract with possible extension *** ***Hybrid*** ***Locals to GA Only*** Description: Job Overview: As a Senior Application & Cloud Container Security Engineer, you will be joining Security Team. You will be responsible for solving advanced technical security challenges, building a world-class application security testing organization, and collaborating with various teams to promote high standards and professionalism. You will focus on application security assessments, code reviews, container security, and manual API testing using industry-standard tools like Burp Suite. Candidate Should Have: 5+ years of experience in application security, penetration testing, secure software development, or related fields. Hands-on experience with cloud technologies and DevSecOps processes. Proficiency in integrating security tools in CI/CD processes (GitLab, Jenkins, Docker, Kubernetes). Familiarity with AWS Well-Architected Framework or TOGAF. Strong knowledge of cloud security (AWS, Azure, GCP) and application lifecycle management platforms. Expertise with static analysis tools (Veracode, HP Fortify) and open-source scanning tools (Sonatype CLM). Strong understanding of OWASP Top 10 and vulnerability risk assessment. Excellent written and verbal communication skills. Strong sense of urgency and ownership. Preferred: Extensive experience in application security, ethical hacking, and secure coding practices. Experience exploiting security vulnerabilities in web and mobile applications. Proficiency in software development (Java, C#.NET, JavaScript). Professional certifications (AWS Practitioner, CISSP, or cloud security certifications). Job Responsibilities: Conduct Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Source Code Analysis (SCA) using tools like Veracode. Perform application security assessments, container security evaluations, and manual API testing. Identify application vulnerabilities and conduct root cause analysis for issues found in the source code. Review and integrate security capabilities into cloud environments and DevSecOps models (AWS, Azure, GCP). Guide development teams in integrating security services and applications into CI/CD pipelines (GitLab, Jenkins, Tekton, Kubernetes). Manage and support security tools for containers (e.g., Palo Alto Prisma, Aqua, Wiz). Validate and address vulnerability findings from static and dynamic analysis tools. Develop and present security findings and remediation reports to stakeholders at all levels. Perform security assessments on web applications and APIs across different technology stacks. Ensure security requirements and privacy by design are built into all architectures and projects. Provide subject matter expertise on secure coding practices, ethical hacking, and security testing. Promote security awareness and knowledge in the developer community Keywords: csharp continuous integration continuous deployment hewlett packard wtwo Georgia Cloud Container Security Engineer- Hybrid- Locals to GA Only [email protected] |
| [email protected] View all |
| Tue Oct 08 00:15:00 UTC 2024 |