Required Skills & Experience

• B.S. degree in Computer Science, Computer Engineering, Information Assurance or related field
• Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development or related field
• Hands-on experience working with Cloud and/or DevSecOps related technologies
• Excellent understanding of DevSecOps techniques and processes, guide integration of various tools in DevSecOps processes (GitLab/GitHub, SonarQube, Jenkins, Selenium, Ansible, Docker, Kubernetes, and containerization).
• Should be well versed with the AWS well architected framework or TOGAF and able to apply those principles while designing a solution
• Experience building and supporting applications in the Cloud (AWS, Azure, GCP)
• Experience engineering software within an Amazon Web Services (AWS) cloud infrastructure
• Troubleshoot and resolve problems with existing cloud controls
• Extensive knowledge of the OWASP Top 10
• Experience with vulnerability risk and impact assessment
• Experience integrating security capabilities in cloud and application lifecycle management platforms especially in a DevOps model
• Extensive knowledge with static analysis tools and flaw triage such as HP Fortify, IBM Rational, Veracode or Coverity, FindBugs, FindSecurityBugs, Brakeman and Open Source scanning tools such as Sonatype CLM
• Experience implementing, deploying, and providing support for custom AWS Config Rules, CFN Hooks and CFN Guard Rules.
• Comfortable building and supporting applications in the Cloud (AWS, Azure, GCP).
• Competence engineering software within an Amazon Web Services (AWS) cloud infrastructure.
• Experience integrating Open-source controls and tools into current enterprise architecture.
• Have experience reviewing Open-source components to making recommendations to configuration or environmental changes that increase security or reduce risk