Position Title : LeadApplication Security Engineer
Location : Remote
Contract Duration : Long Term Contract
Interview : Virtual
KeyResponsibilities :
Web Application FirewallManagement :
- Expertisein AWS WAF and Cloudflare .
- Tweakand tune rules to ensure optimal inline and outofband securitycontrols.
Leadership andCommunication :
- Leadand communicate effectively with stakeholders even without priorexperience.
- Proficient in answeringscenariobased questions and navigating updates risks and issues toleadership.
ApplicationSecurity :
- Understandand apply OWASP Top 10 principles.
- Implement and manage ApplicationSecurity Testing (AST) frameworks (e.g. SAST DAST SCA SBOMServerless).
- Understand information securityprinciples and application security fundamentals.
AWS CloudServices :
- Manage andsecure AWS services including WAF ALB CloudFrontCloudFormation ECS EC2 S3 SQS RDS SSL / ACP CloudTrailKinesis and more.
- Use AWS SDKs(Java Boto3 for Python) and CLI tools to automate and manage cloudinfrastructure.
SoftwareDevelopment :
Experience in programming with languages like Java and Python .
CI / CD and VersionControl :
- Implementand manage CI / CD pipelines using Jenkins .
- Useversion control systems like BitBucket and Git .
Monitoring andReporting :
Developand manage Splunk queries dashboards and lookup tables.
CollaborationTools :
Use Jira and Confluence for project anddocumentation management.
SecurityTools :
Utilize toolslike Postman and Burp (or other HTTP proxy tools) fortesting and debugging.
Support :
Provide periodic afterhour support asneeded.
Qualifications :
- Strong expertise in AWSWAF and Cloudflare .
- Excellent communication skills and the ability to leadeffectively.
- Solid understanding of OWASP Top 10 and application securityprinciples.
- Experience with applicationsecurity testing frameworks and security controls.
- Proficient in using AWS services and related SDKs and CLItools.
- Software development experience in Javaand Python.
- Knowledge of CI / CD tools likeJenkins and version control systems like BitBucket andGit.
- Experience with Splunk for monitoring andreporting.
- Familiarity with Atlassian tools(Jira and Confluence).
- Proficient in usingPostman and Burp for security testing.
- Abilityto provide afterhour support periodically.
Preferred / BonusSkills :
- Experience asa people leader.
- Understanding of informationsecurity principles and fundamentals.
- Familiarity with additional AWS services and securitybest practices.
- Additional programming orscripting experience.
- Experience with othersecurity tools and frameworks.
Tech Lead Software Engineer - Data Privacy and Security
TikTok is the leading destination for short-form mobile video. We integrate our functionalities deeply into Apache's big data ecosystem (Spark, Hive, Presto), and build world-class data security & privacy framework to support high efficient and seamless data life cycle management. ...
Lead Security Engineer
Background as a security engineer, site reliability engineer, cloudops engineer or systems engineer with strong cybersecurity exposure would also be considered as long as you have experience as a first responder. The security team leads the company’s programs for information security and cybersecuri...
Senior/Principal Software Engineer, Tech Lead, Cryptography Engineering, Product Security
The Cryptography Engineering team provides solutions to common data encryption, data authenticity and key management workflows in order to empower Snowflake engineers and bring the most secure Data Cloud to our customers. We solve the hard security problems so other Snowflake engineers don’t have to...
Lead Security Engineer
Lead and drive security projects from idea formulation, to design through implementation, partnering with engineering and cross-functional teams. Establish security capabilities and controls to diminish security risks and meet security and compliance requirements. Evaluate existing and new security ...
Lead Security Engineer
Salesforce Proactive & Offensive Security is hiring a Security Engineer for our Third Party Security team to help assess and maintain the security of third party suppliers. Are you an experienced security professional, passionate about reducing third party risk for large enterprises? Do you get exci...
Lead Security Engineer
Position Title: LeadApplication Security Engineer. Understand information securityprinciples and application security fundamentals. Experience with applicationsecurity testing frameworks and security controls. Tweakand tune rules to ensure optimal inline and outofband securitycontrols. ...
Lead Product Security Engineer
As a lead security engineer for Application Security, you will play a crucial role in ensuring the security and integrity of our software products. You will lead efforts to strengthen our application security posture, reduce application security vulnerabilities at scale, contribute to development of...
Lead Security Engineer, Vulnerability Management and Response
Our team offers the unique opportunity to work with leading industry security experts and engage across Amazon teams and leadership. As a Security Engineer in VMR Response, you will play a hands-on role in the proactive identification and remediation of security issues at Amazon. Your teammates are ...
Lead Security Engineer
As a Lead Security Engineer at JPMorgan Chase within the Cyber and Tech Controls Emerging Technology Security group, you are an integral part of team that works to deliver software solutions that satisfy pre-defined functional and user requirements with the added dimension of preventing misuse, circ...
Cloud Network Engineer - II - Poly - Security Clearance Required
A Cloud Network Engineers' role may span a variety of traditional roles, such as design engineer, deployment engineer, operations engineer and project manager. OR Bachelor's Degree in Electrical Engineering, Optical Engineering, Computer Science, Engineering, Information Technology, or related field...