Job Responsibilities :

- Read/learn/discuss latest trends/tools/best practices/updates of cyber security, application development, and cloud services industries.

- Perform custom impact and risk analysis of identified security vulnerabilities for each product team.

- Create mitigation plans with product teams to resolve security vulnerabilities.

- Build tooling to automate security into the product teams' development, build, deployment, and operational processes.

- Actively contribute to story planning, identifying and providing expertise on work items that involve security considerations.

Be On-Call for :

- Cyber security breaches.

- High impact events (like a day zero effecting a team) or a breach.

- Uptime disruptions caused by their contributions.

Skills Required :

- Cloud Platform : AWS, Microsoft Azure.

- Development Environments : VSCode, JetBrains, Eclipse.

- Programming Languages : Know at least a few languages well (Java, JavaScript/TypeScript, C++, C, Python, Powershell, Unix shell, etc.

- Infrastructure as Code : CloudFormation, CDK, Bicep, Terraform, Ansible, etc.

- SIEM/SOAR : Microsoft Sentinel, Splunk, Checkmarx.

- OS : Linux, Windows.

- Configuration Management Tools : Git, GitHub, GitLab, Azure DevOps.

- Vulnerability Management Tools : Nessus Pro, Tenable IO, FireEye, CrowdStrike, Defender, SpyCloud etc.

Competencies :

- Willingness to prioritize team success over individual recognition.

- Champions collaboration, knowledge sharing, and mentoring as foundational practices.

- Committed to improving DevSecOps processes through continuous learning and experimentation.

- Supports sustainable pace and actively addresses technical debt.

- Willing to work onsite one week per quarter.