Ihre aktuelle Jobsuche

27 Suchergebnisse

Für Festanstellung in New York

Sr. Cloud Security Engineer II

USA, New York

  • $185,000 to $200,000 USD
  • Engineer Stelle
  • Fähigkeiten: AWS/GCP/security/Python/kubernetes/terraform/IaC/SDLC/cicd/CSPM/CWPP/cloud native security/Gitlab/GitOps/TeamCity/Ansible/devsecops/engineering
  • Seniority: Senior

Jobbeschreibung

The Sr. Cloud Security Engineer would be responsible for delivering cloud, container and infrastructure as code security through the CloudOps department and adjacent CISO organization. The Sr. Cloud Security Engineer will lead and provide updated guidance and hands-on support to development, devops and software/engineering teams on cloud security best practices, security architecture, and configuration management.

The individual will also assist our application security team ensuring that cloud-native applications are secured, well built, and assist with security exposures. The role will be also responsible for integrating security automation into DevOps processes, enhancing cloud security posture. Additionally, the position may be required to support the broader information security team (Governance Risk and Compliance, Security Operations, and IT Security).



Responsibilities and Duties:

Implement Cloud Security Principles, Best Practices, DevSecOps techniques across the company which covers areas such as integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production release procedures.
Promote Cloud Security and DevSecOps culture and train development and DevOps teams secure cloud, container and infrastructure as code.
Mastering Cloud Security subject matter expertise for enterprise customers within the DevOps team.
Drive adoption of Cloud Security, DevSecOps tooling and practices including application security testing including automating security (within hybrid technology environment)
Be engaged in all aspects of Cloud Security and assist with DevSecOps program rollout.
Ability to apply security knowledge and experience in a DevOps development lifecycle
Development and implementation of cloud security, container security and infrastructure as code security concepts, principles, and best practices
Enhance cloud security posture and application attack surface management by advising and assist implementing cloud security with DevOps and CloudOps personnel
Assist in deploying and remediation findings from Cloud Secure Posture Management (CSPM) solutions and Cloud WOrkflow Protection Platforms (CWPP), or Cloud Native Security Platforms (CNSPs)/Cloud Native App Security Platforms (CNASPs)
Assist in secure training to global software developers/engineers
Support Information Security department leads including but not limited to Governance Risk and Compliance (GRC), Security Operations (Incident Response, Monitoring etc.), and IT Security (TVM, additional security tools etc.)
Assist in Merger & Acquisition (M&A) security-related activities


Qualifications:

3+ years in cloud security specifically focusing in either AWS or GCP
1+ years using and securing Terraform or a similar infrastructure as code (IaC)
1+ years using and securing Kubernetes (K8s) in a cloud or hybrid environment
1+ years experience in application security including AppSec concepts such as those in OWASP top 10, secure SDLC, agile methodologies and transformations etc.
1+ years working with and remediating findings from Cloud Secure Posture Management (CSPM) solutions and Cloud Workflow Protection Platforms (CWPP), or Cloud Native Security Platforms (CNSPs)/Cloud Native App Security Platforms (CNASPs)
Knowledge in CI/CD, securing the pipeline, best practices and tools (i.e. Gitlab/GitOps, TeamCity, Ansible)
Experience with hands-on development as a software engineer/developer is an added benefit
Experience with linux is an added benefit
Experience implementing a DevSecOps program is an added benefit
Understanding of one or more of the following languages: Python, Scala, Java, .Net, C#, JavaScript, TypeScript, or Bash
Experience performing assessments against applications and their underlying infrastructure, configuration, and deployment strategy
Good leadership, communication (written and oral) and interpersonal skills
Understanding of data security, encryption and experience handling PII
Bachelor's Degree or higher in Computer Science or related field (Engineering, Computer Science, Mathematics Information Systems, etc) or equivalent technical experience
Good to have but not necessary industry recognized certification in security (e.g., CISSP, CISM, CEH, OSCP, OSWA, C|CSE, GCSA, GCLD, GPCS, CCSK, CCSP, AWS Security Specialization, Google Professional Cloud Security Engineer etc.)

DevSecOps Engineer

USA, New York

  • $160,000 to $185,000 USD
  • Engineer Stelle
  • Fähigkeiten: The Sr. DevSecOps Engineer will be responsible for delivering the global application security program within the CISO/Information Security team. The Sr. Application Security Engineer will lead and provide updated guidance and hands-on support to de
  • Seniority: Senior

Jobbeschreibung

The Sr. DevSecOps Engineer will be responsible for delivering the global application security program within the CISO/Information Security team.



The Sr. Application Security Engineer will lead and provide updated guidance and hands-on support to development and software/engineering teams on the current secure SDLC and software development security standards.



The individual will also lead the testing of the security controls of applications and implementation of architecture and operational projects to improve the hybrid, application security posture.



The Sr. DevSecOps Engineer will be also responsible for integrating security automation into DevOps processes, enhance cloud security posture, and will lead the secure development training program.



Additionally, the position will support the broader information security team (Governance Risk and Compliance, Security Operations, and IT Security).



Responsibilities And Duties





* Implement Application Security/DevSecOps which covers areas such as integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production release procedures
* Promote DevSecOps culture and train development and DevOps teams secure development and secure SDLC
* Mastering subject matter expertise for enterprise customers web application security program
* Drive adoption of DevSecOps tools and practices including application security testing including automating security (within hybrid technology environment)
* Be engaged in all aspects of DevSecOps implementation and enhance security throughout
* Ability to apply security knowledge and experience in a DevOps development lifecycle
* Development and implementation of cloud security, container security and infrastructure as code security concepts, principles, and best practices
* Enhance cloud security posture and application attack surface management by advising and assist implementing cloud security with DevOps and CloudOps personnel
* Supporting the creation and curating application security reports and metrics to stakeholders
* Deliver secure training to global software developers/engineers
* Execute, liaise, and report on penetration testing results to application and infrastructure stakeholders
* Ability to perform technical integrations with SIEM tools
* Support Information Security department leads including but not limited to Governance Risk and Compliance (GRC), Security Operations (Incident Response, Monitoring etc.), and IT Security (TVM, additional security tools etc.)
* Assist in Merger & Acquisition (M&A) security-related activities

Qualifications





* 5+ years' experience in application security including proficiency in AppSec concepts such as those in OWASP top 10, secure SDLC, agile methodologies and transformations etc.
* 3+ years' experience in one or more security testing tools, including Static Analysis, Software Composition Analysis and/or Dynamic Analysis (e.g. Veracode, Checkmarx, Snyk, NetSparker, Acunetix, Qualys WAS etc.)
* Experience with hands-on development as a software engineer/developer
* Knowledge in CI/CD, securing the pipeline, best practices and tools (i.e. Gitlab/GitOps, TeamCity, Ansible)
* Great understanding of GCP or AWS security and DevSecOps
* Understanding of one or more of the following languages: Python, Scala, Java, .Net, C#, JavaScript, TypeScript, SQL
* Familiarity with infrastructure as code security
* Familiarity with container security
* Experience performing assessments against applications and their underlying infrastructure, configuration, and deployment strategy
* Good leadership, communication (written and oral) and interpersonal skills
* Understanding of data security and experience handling PII
* Bachelor's Degree or higher in Computer Science or related field (Engineering, Computer Science, Mathematics Information Systems, etc) or equivalent technical experience
* Good to have but not necessary industry recognized certification in security (e.g., CISSP, CISM, CEH, OSCP, OSWA, GWAPT, GPEN, GCSA, GCLD, CCSK, CCSP, etc.)

Sr Salesforce Developer - PERM - 100% REMOTE

USA, New York

  • Negotiable
  • Engineer Stelle
  • Seniority: Mid-level

Jobbeschreibung

Sr Salesforce Developer

Location: Remote

Summary:

The Senior Engineer plays a critical role in helping the company transform the technology and architecture and delighting our customers with best in class technology platforms. As a pioneer of engineering excellence, an evangelist for automation and efficiency, and a trusted and respected domain expert, our Senior Engineers are at the forefront of our technology transformation strategy.

Job Responsibilities:

* Member of a scrum team developing strategic priorities impacting multiple platforms and products to drive value for our customers.
* Identify areas for technology improvement and partner with teams from across the enterprise to implement innovative and industry best practice solutions.
* Drive automation - Develop and improve our CI/CD workflow tools and processes / increase our adoption of test automation
* Lead, coach and mentor a team of junior engineers ensuring the quality of their deliverables and growing their careers through timely and actionable feedback and training.
* Perform ongoing refactoring of code, utilizing visualization and other techniques to fast track concepts, and delivering continuous improvement
* Facilitate discussions to identify alternative or different approaches to solve problems, break down barriers and drive resolution of conflicts to ensure productivity of the team.

Qualifications:

* Hands on coding experience in: Apex, Visual force, Lightning Components, Lightning Web Components, React.js and UI Frameworks
* Proficient with implementing Microservices, Function as a Service, RESTful API development
* Fully versed with Source control and effective branching strategies
* Experience implementing Continuous Integration
* Advanced knowledge of Salesforce Ecosystem - Sales Cloud, Service Cloud, MuleSoft, Heroku, Tableau, Einstein Analytics

Sr. DevSecOps Engineer

USA, New York

  • $160,000 to $185,000 USD
  • Engineer Stelle
  • Seniority: Senior

Jobbeschreibung

The Sr. DevSecOps Engineer will be responsible for delivering the global application security program within the CISO/Information Security team.

The Sr. Application Security Engineer will lead and provide updated guidance and hands-on support to development and software/engineering teams on the current secure SDLC and software development security standards.

The individual will also lead the testing of the security controls of applications and implementation of architecture and operational projects to improve the hybrid, application security posture.

The Sr. DevSecOps Engineer will be also responsible for integrating security automation into DevOps processes, enhance cloud security posture, and will lead the secure development training program.

Additionally, the position will support the broader information security team (Governance Risk and Compliance, Security Operations, and IT Security).

Responsibilities And Duties

· Implement Application Security/DevSecOps which covers areas such as integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production release procedures
· Promote DevSecOps culture and train development and DevOps teams secure development and secure SDLC
· Mastering subject matter expertise for enterprise customers web application security program
· Drive adoption of DevSecOps tools and practices including application security testing including automating security (within hybrid technology environment)
· Be engaged in all aspects of DevSecOps implementation and enhance security throughout
· Ability to apply security knowledge and experience in a DevOps development lifecycle
· Development and implementation of cloud security, container security and infrastructure as code security concepts, principles, and best practices
· Enhance cloud security posture and application attack surface management by advising and assist implementing cloud security with DevOps and CloudOps personnel
· Supporting the creation and curating application security reports and metrics to stakeholders
· Deliver secure training to global software developers/engineers
· Execute, liaise, and report on penetration testing results to application and infrastructure stakeholders
· Ability to perform technical integrations with SIEM tools
· Support Information Security department leads including but not limited to Governance Risk and Compliance (GRC), Security Operations (Incident Response, Monitoring etc.), and IT Security (TVM, additional security tools etc.)
· Assist in Merger & Acquisition (M&A) security-related activities
Qualifications

· 5+ years' experience in application security including proficiency in AppSec concepts such as those in OWASP top 10, secure SDLC, agile methodologies and transformations etc.
· 3+ years' experience in one or more security testing tools, including Static Analysis, Software Composition Analysis and/or Dynamic Analysis (e.g. Veracode, Checkmarx, Snyk, NetSparker, Acunetix, Qualys WAS etc.)
· Experience with hands-on development as a software engineer/developer
· Knowledge in CI/CD, securing the pipeline, best practices and tools (i.e. Gitlab/GitOps, TeamCity, Ansible)
· Great understanding of GCP or AWS security and DevSecOps
· Understanding of one or more of the following languages: Python, Scala, Java, .Net, C#, JavaScript, TypeScript, SQL
· Familiarity with infrastructure as code security
· Familiarity with container security
· Experience performing assessments against applications and their underlying infrastructure, configuration, and deployment strategy
· Good leadership, communication (written and oral) and interpersonal skills
· Understanding of data security and experience handling PII
· Bachelor's Degree or higher in Computer Science or related field (Engineering, Computer Science, Mathematics Information Systems, etc) or equivalent technical experience
· Good to have but not necessary industry recognized certification in security (e.g., CISSP, CISM, CEH, OSCP, OSWA, GWAPT, GPEN, GCSA, GCLD, CCSK, CCSP, etc.)