DevSecOps Engineer

  • Job ID:

    1664

  • Pay rate range:

    $55/hr - $65/hr

  • City:

    Philadelphia

  • State:

    Pennsylvania

  • Duration:

    01/27/2019 - 01/27/2020

  • Job Type:

    Contract

  • Job Description:

    DevSecOps Engineer / Software Security Engineer

     

    This key role is part of our clients Digital Infrastructure Engineering and Operations team. The ideal candidate will work internally with App/Dev/Platform teams and externally with their global security teams to ensure application and system security. This includes helping and guiding application development and platform teams to develop application with utilization of security best practices from ground up, implementing secure coding practices, helping security maturity in on premise and at public cloud environment being established in AWS/Azure to ensure security considerations are implemented and met for best practices.

     

    Key Functions:

    • Perform security assessment and compliance activities by using assessment tools and procedures

    • Facilitate implementation and execution of static, dynamic and run-time code analysis (SAST, DAST, IAST/RASP) and also work with application and internal teams for to ensure secure coding practices are implemented

    • Lead and respond to security-related incidents. Provide a thorough post-incident analysis including steps to minimize/remediate and fix the impact

    • Develop strategies to respond to and recover from a security breach

    • Investigate security breaches by conducting a technical and forensic investigation into how the breach happened and the extent of the damage

    • Participate and help facilitate Threat modelling workshops

    • Participate in security architecture review (SAR) / application security assessments to ensure all security design best practices and standards are met

    • Support the research of emerging technology, requisite security requirements, and emerging threats and develop way-forwards to meet organizational goals

    • 1-2 years' experience in Cloud Security with exposure to AWS / Azure Native Security

    • Familiarity and exposure to Network Security, Operating System Security, Web Security and End Point Security

    • Good understanding and familiarization with data encryption

    • Assist in evaluation, selection and implementation of encryption solutions and key management systems

     

    Qualification:

    • Proficient at the secure software development lifecycle and DevSecOps

    • Deep understanding of OWASP and SANS top vulnerabilities

    • Good understanding of identity, authentication and authorization systems

    • Good understanding of cryptographic trust based systems

    • Cloud security knowledge preferred

    • Data and database security

    • Knowledgeable in Federation, SSO, IDS, IPS, Host Based Firewall, WAF (Web Application Firewall), DNS, DHCP, HTTPS/TLS, SSH, Key Management, PKI, Tokens, SAML, OAUTH, Fido knowledge preferred

    • Knowledgeable in compliance standards like: PCI, CPNI, ISO 27001, FCC Regulations, SOX, Subscriber PII

    • Coding / Scripting experience required

    • Security expertise in one or more relevant areas

    • Proficient in using some of these Tools: SAST/DAST (Coverity, Fortified, IBM AppScan, Veracode, BurpSuite, Web Inspect), Wireshark, MobSF pen-testing framework, Needle, Inspeckege, Drozer etc, Code Repository (GitHub, TFS), Configuration mgmt. (Ansible, Terraform, AWS Cloud Formation)

     

    Experience

    • 10+ years of experience in security and technology based industry

    • 5 years of experience working with various security architectures

    • Industry Recognized Certifications in Security (a plus)

    • Certified Ethical Hacker CEH (preferred)

    • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (LPT), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP)

     

    Education:

    • Bachelor's Degree in Information Systems, Computer Science, Management Information System, Cyber Security or Engineering

    #PCIT

Apply to Job

Add Performance Rater (for Prior Role)

CONTRACTORS

Find Exclusive Contracting Opportunities

Download our app to build and sustain a viable contracting career. Share your phone number to receive the download link.

  • +1

© 2024 PeopleCaddie. All rights reserved.

Contractor Sign Up

Already have an account? Sign In

Log In

Create Account
Forgot Password?

Request a client demo

PeopleCaddi Logo
Hi, .

Create a password to view invite-only contractor profiles and send interview requests

By clicking Join Now, you agree to PeopleCaddie’s Terms of Use and Privacy Policy.

Already have a PeopleCaddie account? Sign in

PeopleCaddie ©2024

Client Registration Request

Already have an account? Sign In

Thank you for registering
with PeopleCaddie!

An activation email has been sent to your email address containing your temporary password and a convenient link to PeopleCaddie’s Client Portal. Just log in and begin creating job orders!

Thank you for registering.

Start by filling out your profile.

Forgot Password?

Enter your E-Mail to help us identify you.