Security Operations Engineer

2 days ago

Apply Now

Receive Emails with Similar Jobs

InfraCloud Technologies

WebsiteLinkedInAll Job Openings

Cloud Native Applications • Container Orchestration • Continuous Integration/Deployment • Infrastructure as code • Cloud - Public, Private, Hybrid

201 - 500

Description

• Keeping up with the state of the art in application security, operational security, and DevSecOps, helping developers build software securely throughout the complete software development lifecycle. • Enhance the security posture of our platforms and applications, securing production and pre-production services running on Kubernetes. • Evangelize intelligent security solutions and mitigations that categorically solve classes of vulnerabilities by addressing their root causes. • Continue to learn new technology and business processes and apply an offensive (“red team”) security mindset to them to discover vulnerabilities and drive improvements. • Hunt for and identify threats and vulnerabilities which impact our software and infrastructure. • Continuously improve the systems and algorithms we use to identify potential indicators of compromise. • Apply common information security frameworks and standards utilized in the industry to understand requirements and best practices as they apply to software. • Leading independent third-party vendors through security assessments, such as penetration testing, social engineering, and compliance. • Implement and maintain our security tooling.

Requirements

• Experience securing virtualized workloads, containerized services, and platforms like Kubernetes at scale in production on public clouds, preferably with both Linux and Windows workloads. • Experience securing AWS, (or e.g., Azure, GCP) cloud infrastructure and security-focused services such as AWS KMS, Cloud HSM, Encryption SDK, IAM, and STS. • Development and administration experience on Linux environments with distributions like Debian and Ubuntu. • Broad, adaptable programming experience across modern languages like Java/Python/PHP/Ruby/Go/Groovy/C/C++. • Deep understanding of web technologies such as HTTP, TLS, REST, and services such as Nginx and HAProxy. • Experience with tooling and systems for build, infrastructure automation, and monitoring, such as Docker, Jenkins, Terraform, Datadog, JFrog, and Sumologic. • Good knowledge of security principles at all layers of the OSI stack. • Blue and/or red team experience is highly valued.