Browse Jobs posted by genuine Employees
Apply to get a referral. Absolutely FREE
This job posting is Old. Please check Latest Jobs
|
|
Cynosure Corporate Solutions Jobs DevOps Jobs
| Posted 5 months ago
( 1 Quick Applied )
Job Description
Roles and responsibilities:- Considered subject matter expert within discipline
- Solves complex problems; takes a broad perspective to identify innovative solutions
- Can either work independently on in teams
- Requests guidance in complex situations or when needed
- Interprets challenges and recommends best practices to improve processes
- Capacity to lead functional teams or projects to solve complex problems and deliver solutions
- Communicates difficult concepts and negotiates with others to conclude on goal-centric points of view
- Provides resolution support to wide array of issues that are complex in scope
- Contributes to departmental business planning and solution design
- Uses expert level Cyber Security knowledge base to complete tasks
- Intrinsic understanding of software development life cycles
- Excellent oral and written communication skills
- Understanding of security by design principles, architecture concepts & security frameworks (NIST, PCI, OWASP, etc.)
- Knowledge of current and emerging security technologies, threats, and techniques for exploiting security vulnerabilities in the code or application
Requirements:
- 6+ years of experience working with systems deployed on AWS
- 4+ years of technical experience in Incident Management for AWS Cloud solutions
- 1+ years of experience with AWS Incident Detection and Response
- Demonstrated experience using Splunk for Incident Management and processes supported by Okta CIAM, PhishER, PagerDuty, Imperva, CrowdStrike, AWS Guard Duty, Defender for Cloud Apps, etc.
- Incident Management (2+ years minimum)
- Risk Management techniques (2+ years minimum)
- Vulnerability Management
- Web Application Firewalls such as Imperva
- As a subject matter expert or stakeholder, has previously supported information security audits in any of the following
- frameworks or regulations: PCI DSS, NIST, SOC 1 or 2, ISO 27001, Sarbanes-Oxley (SOX) or HITRUST
- Experience in analyzing threats of cloud and application components, such as findings from Security Assessments
Nice to have:
- Familiarity with Jira, GitHub, Okta, WordPress, Qualys VMDR, Jenkins, Rancher, Terraform, Snyk & Contrast
- Familiarity with some of the following concepts:
- SAST (Static Application Security Testing)
- DAST (Dynamic Application Security Testing)
- SCA (Software Composition Analysis)
- SBOM (Software Bill of Materials)
- Image Scanning
- SOAR (Security Orchestration, Automation and Response), good if experienced in
- IaC (Infrastructure as Code)
- Threat Modeling
- PenTesting (Web App, Mobile, External)
- CSA (Cloud Security Assessment)
- Familiarity with Java (including npm and Maven), Docker & Kubernetes
