T
Lead Principal Cloud And Application Security Engineer
Salary undisclosed
Apply on
Availability Status
This job is expected to be in high demand and may close soon. We’ll remove this job ad once it's closed.
Original
Simplified
Description:
Position Summary:
We are seeking a proactive and collaborative Senior Cloud and Application Security Engineer to integrate security measures into every phase of our cloud and application development lifecycle. The ideal candidate will champion security best practices and foster a culture of security awareness within the organization. Responsibilities include developing automated security solutions to enhance efficiency and response capabilities, designing and managing security protocols for cloud infrastructure, and enforcing security guidelines for Infrastructure as Code (IaC). The role requires securing containerized environments, partnering with DevOps for CI/CD pipeline security, and leading security initiatives alongside the Senior Application Security Engineer. The Senior Cloud and Application Security Engineer will also maintain application security standards, stay updated on emerging security threats, and proactively investigate potential risks. An action-oriented mindset and strong relationship-building skills are essential to drive information security forward effectively.
Essential Functions:
Collaborate with IT, development, and operations teams to embed security into every aspect of the cloud and application security lifecycle
Advocate for security best practices, raising awareness and driving a security-first culture across the organization
Develop and implement automated security solutions to streamline security processes, improve efficiency, and enhance response capabilities
Collaborate with architecture and IT to design, implement, and manage security measures for our cloud environments
Develop and enforce security best practices for Infrastructure as Code (IaC) to ensure secure deployment and configuration management
Secure containerized environments, including Docker and Kubernetes, and ensure compliance with security benchmarks
Partner with DevOps teams to integrate security into the CI/CD pipeline for container deployment and management
Along with the Senior Application Security Engineer, lead application security initiatives, including secure code reviews, vulnerability assessments, and web application penetration testing
Develop and maintain application security standards and guidelines, ensuring they are integrated into the software development lifecycle
Stay abreast of the latest security threats, trends, and technologies, especially in cloud, IaC, and container environments
Proactively identify and investigate security threats by analyzing security logs, conducting threat hunting exercises, and implementing advanced detection mechanisms
Continuously evaluate and improve security tools and processes to address evolving security
Be action oriented, demonstrating high energy and an action-oriented approach to challenging work tasks, with a willingness to act swiftly and with minimal planning when opportunities arise.
Build strong peer relationships by finding common ground and fostering problem-solving for mutual benefit, advocating for information security interests while remaining equitable to other groups, promoting teamwork and cooperation, and maintaining open and honest communication with colleagues.
Skills:
Security, Application security, Owasp, Security architecture
Top Skills Details:
Security,Application security,Owasp,Security architecture
Additional Skills & Qualifications:
Education/Experience/Skills:
Bachelor's degree in computer science/Engineering/Information Security preferred.
Minimum of 7 years' experience in Information Security within cloud-native or SaaS technology environments
Proficiency in cloud platforms such as AWS, Azure, and Google Cloud Platform, container orchestration tools (Kubernetes, Docker), and Infrastructure as Code (Terraform, Ansible)
Experience in application security practices and tools, including static/dynamic analysis and familiarity with OWASP standards
Strong analytical, problem-solving, and communication skills
Ability to work collaboratively in a dynamic environment
3-5 years of hands-on experience securing Infrastructure as Code, Application Security, and Policy as Code (PaC) using coding languages such as Python, Go, JavaScript, or YAML
Minimum two years of experience automating and scaling CIS benchmarks or equivalent standards
Extensive experience writing technical and business-friendly security documentation
Strong written and verbal communication skills in English
Professional certifications such as Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) are highly desirable
Experience Level:
Expert Level
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Position Summary:
We are seeking a proactive and collaborative Senior Cloud and Application Security Engineer to integrate security measures into every phase of our cloud and application development lifecycle. The ideal candidate will champion security best practices and foster a culture of security awareness within the organization. Responsibilities include developing automated security solutions to enhance efficiency and response capabilities, designing and managing security protocols for cloud infrastructure, and enforcing security guidelines for Infrastructure as Code (IaC). The role requires securing containerized environments, partnering with DevOps for CI/CD pipeline security, and leading security initiatives alongside the Senior Application Security Engineer. The Senior Cloud and Application Security Engineer will also maintain application security standards, stay updated on emerging security threats, and proactively investigate potential risks. An action-oriented mindset and strong relationship-building skills are essential to drive information security forward effectively.
Essential Functions:
Collaborate with IT, development, and operations teams to embed security into every aspect of the cloud and application security lifecycle
Advocate for security best practices, raising awareness and driving a security-first culture across the organization
Develop and implement automated security solutions to streamline security processes, improve efficiency, and enhance response capabilities
Collaborate with architecture and IT to design, implement, and manage security measures for our cloud environments
Develop and enforce security best practices for Infrastructure as Code (IaC) to ensure secure deployment and configuration management
Secure containerized environments, including Docker and Kubernetes, and ensure compliance with security benchmarks
Partner with DevOps teams to integrate security into the CI/CD pipeline for container deployment and management
Along with the Senior Application Security Engineer, lead application security initiatives, including secure code reviews, vulnerability assessments, and web application penetration testing
Develop and maintain application security standards and guidelines, ensuring they are integrated into the software development lifecycle
Stay abreast of the latest security threats, trends, and technologies, especially in cloud, IaC, and container environments
Proactively identify and investigate security threats by analyzing security logs, conducting threat hunting exercises, and implementing advanced detection mechanisms
Continuously evaluate and improve security tools and processes to address evolving security
Be action oriented, demonstrating high energy and an action-oriented approach to challenging work tasks, with a willingness to act swiftly and with minimal planning when opportunities arise.
Build strong peer relationships by finding common ground and fostering problem-solving for mutual benefit, advocating for information security interests while remaining equitable to other groups, promoting teamwork and cooperation, and maintaining open and honest communication with colleagues.
Skills:
Security, Application security, Owasp, Security architecture
Top Skills Details:
Security,Application security,Owasp,Security architecture
Additional Skills & Qualifications:
Education/Experience/Skills:
Bachelor's degree in computer science/Engineering/Information Security preferred.
Minimum of 7 years' experience in Information Security within cloud-native or SaaS technology environments
Proficiency in cloud platforms such as AWS, Azure, and Google Cloud Platform, container orchestration tools (Kubernetes, Docker), and Infrastructure as Code (Terraform, Ansible)
Experience in application security practices and tools, including static/dynamic analysis and familiarity with OWASP standards
Strong analytical, problem-solving, and communication skills
Ability to work collaboratively in a dynamic environment
3-5 years of hands-on experience securing Infrastructure as Code, Application Security, and Policy as Code (PaC) using coding languages such as Python, Go, JavaScript, or YAML
Minimum two years of experience automating and scaling CIS benchmarks or equivalent standards
Extensive experience writing technical and business-friendly security documentation
Strong written and verbal communication skills in English
Professional certifications such as Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP) are highly desirable
Experience Level:
Expert Level
About TEKsystems:
We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job Similar Jobs
