Login / Register
JOB DETAIL
Apply Now
Security Engineer
Date Posted:
09-06-2021
Job Summary
Skills
Azure, Rancher, AWS
Location
Pune
Job Title
Security Engineer
Educational Qualification
Experience Required (yrs)
2 - 5 years
Job Description
Responsibilities:
Use appropriate programming language and technology, writes code, completes programming and documentation, performs testing and debugging of applications for the enterprise.
Deliver and maintain cloud native data protection and security products that span on-prem, and major cloud providers and platforms (i.e. AWS, Azure, Google, Digital Ocean, Rancher, OpenShift )
Develop products that would be of value in public/private cloud services, Infrastructure as Code, DevSecOps toolsets, and platforms including compute, storage, networking, containers, monitoring/logging, and Continuous Integration/Continuous Deployment (CI/CD)
Research cloud native security industry, best practices, and tools Qualifications:
GoLang programming related must-have qualifications: o Strong knowledge of Go programming language paradigms, constructs, and idioms o Knowledge of common Goroutine, Channel patterns and implementation of General Design patterns/anti-paterns in Go. o Dependency management tools such as Go mod o Development expertise in building and consuming web services using REST/JSON/Arvo/gRPC/Protobuf o Experience writing Unit tests and ability to debug programs in Go
Cloud Native Security experience o Experience with securing container deployments, Kubernetes, managed Kubernetes PaaS services, Agile environments, and DevOps environments preferred o 2-4 years of experience securing cloud deployments on common platforms like Microsoft Azure, Amazon Web Services, or Google Cloud Platform preferred o Experience with of Automation frameworks, DevSecOps best practices, etc. o Knowledge of application security concepts, static/dynamic security analysis, software composition analysis, secrets management, WAF, RASP and related tools. o Security features in cloud providers (e.g, Azure AWS, etc.) o Security penetration testing and auditing using security-related tooling
Basic understanding with network security and networking technologies and with system, security, and network monitoring tools ? Some experience building applications running in Kubernetes environment. ? Systems Programming on Linux Nice to have:
Some experience with Vulnerability Assessment tools (Nexpose, Nessus, Burp) desired
Understanding of OWASP top 10 – vulnerabilities and how to defend against these attacked
Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc) preferred. ? Performs Network and Web Application Penetration testing ? Proficient with Qualys, Nessus, Metasploit, Armitage, Kali Linux, and other security tools
Industry standards-based documentation, certification, and accreditation such as NIST SP 800-53, FIPS 140-2/3, and Security Technical Implement Guides (STIGs) and bringing components into compliance with these standards
Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and security frameworks (e.g.,NIST 800-53, OWASP, CSA cloud control matrix, MITRE etc.)
Relevant security certifications such as OSCP, ISC2 CISSP, SANS, CEH, etc. are a major plu