Required Skills & Experience:

• B.S. degree in Computer Science, Computer Engineering, Information Assurance or related field
• Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development or related field
• Hands-on experience working with Cloud and/or DevSecOps related technologies
• Excellent understanding of DevSecOps techniques and processes, guide integration of various tools in DevSecOps processes (GitLab/GitHub, SonarQube, Jenkins, Selenium, Ansible, Docker, Kubernetes, and containerization).
• Should be well versed with the AWS well architected framework or TOGAF and able to apply those principles while designing a solution
• Experience building and supporting applications in the Cloud (AWS, Azure, GCP)
• Experience engineering software within an Amazon Web Services (AWS) cloud infrastructure
• Troubleshoot and resolve problems with existing cloud controls
• Extensive knowledge of the OWASP Top 10
• Experience with vulnerability risk and impact assessment
• Experience integrating security capabilities in cloud and application lifecycle management platforms especially in a DevOps model
• Extensive knowledge with static analysis tools and flaw triage such as HP Fortify, IBM Rational, Veracode or Coverity, Find Bugs, FindSecurityBugs, Brakeman and Open Source scanning tools such as Sonatype CLM
• Excellent written and verbal communication skills
• Strong sense of urgency and ownership

Desired Skills & Experience:

• Extensive experience in application security and ethical hacking
• Extensive experience exploiting web, mobile and application security vulnerabilities
• Extensive experience in software development
• Extensive experience integrating secure coding techniques with product teams
• Professional certifications such AWS practitioner, cloud security certification for AWS, and CISSP.