Sr DevSecOps Engineer - Contract Remote
Sr DevSecOps Engineer - Contract Remote
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Work Time: Initial 2 weeks needs to work on ET timezone then can work on 1 to 10 PM or 2 to 11 PM IST
JOB DESCRIPTION & RESPONSIBILITIES
Become an expert in the Companys technology stack to understand points of weakness and
opportunities for security solutions.
Assist in monitoring Companys IT control environment to identify key risks related controls
and gaps document and report results to management.
Assist with third party vulnerability testing process; document and report results to
management.
Collaborate with internal stakeholders on addressing systemic security issues.
Perform monitoring of security tools and oversee remediation of items identified.
Proactively identify threats and vulnerabilities and collect correlate and analyze data to
detect actual or potential security related incidents and ensure timely remediation by the
applicable party.
Identify implement and maintain the controls and procedures required to cost effectively
and uniformly protect Compays information system assets.
Monitor track and document information security related incidents to ensure a prompt and
efficient resolution.
Provide support and evidence collection for internal and external audits and risk assessments.
Consults with management to assist with developing corrective action plans for identified
audit risk Information Security and IT findings.
Research design and participate in or lead the implementation of security initiatives.
Stay current on the latest information technology and security trends; recommend corrective
actions as identified and needed through Information Security initiatives.
Assist in developing Companys-wide best practices for IT and Information security.
PRIMARY SKILLS
4-6 years of experience with design testing development migration & integration within a
medium-to-large organization.
Experience conducting vulnerability scans and validating scan data across workstation server
network and peripheral devices.
Operational experience with Vulnerability scanning Incident Response Endpoint Detection and
Response Monitoring and Logging including hardware refresh software testing software
upgrades and complex troubleshooting techniques.
Current experience in security threats solutions security tools and network technologies along
with a keen ability to diagnose and troubleshoot technical issues.
Proven knowledge of core AWS products and services (e.g. VPC EC2 S3 RDS ELB ALB WAF
Lambda) AWS (Iaas & Paas Components).
Proficiency is one or more programming languages (Python Java Go etc.
Proficiency in both Windows and Linux architectures.
Hands-on experience with vulnerability scanning tools: for example tools such as Qualys Rapid7
-Nexpose or Tenable Nessus etc.
Hands-on experience with EDR tools: for example tools such as Tanium Crowdstrike Cisco AMP
McAfee etc.
Working knowledge of network monitoring management and analysis tools such as Splunk
Loggly Kibana or similar.
Experience with deployment orchestration automation and security configuration management
(Jenkins Puppet Chef Cloudformation Terraform Ansible) preferred.
Ability to utilize a variety of tools like Stash Git Nexus Jenkins Gradle Groovy YML and AWS
security capabilities (WAF GuardDuty Security Groups IAM etc)
Familiarity with configuration baseline standards such as CIS Benchmarks or DISA STIGs.
Strong communication and presentation skills
Certifications such as CISSP GSEC CEH etc. (nice to have)
AWS,Python,Windows,Linux,Vulnerability Scanning,EDR
Employment Type
Full Time
