As a Cybersecurity Engineer, you will provide leadership in the DevSecOps area of Vulnerability Scanning, Certificate/Secrets Management, Password Policy Management, Analysis for Security Monitoring, coordination of Remediation Patching, and other daily Security and Compliance efforts.
Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions. In a nutshell, you will implement security fabric in all Thales applications.
The Cybersecurity Engineer will work directly with the Platform Execution squad to improve and ensure security of the platform.
- You will ensure the effectiveness of the vulnerability management process. Implement and coordinate the remediation of high risk, complex vulnerabilities as part of the DevSecOps team. Be hands-on by making system and application changes to improve cybersecurity to systems and applications
- You will implement security fabric into the applications pipelines
- You will define how to release securely new features part of Thales portfolio
- You will provide support on the implementation and ongoing support of security monitoring and alerting systems that are part of the Cybersecurity Operations Center (CSOC)
- You will support audit and compliance efforts affecting the platform environment and operations such as PCI, SOC2, GDPR
- You will determine appropriate controls are in place via periodic assessment and testing. Identify and engage operations teams for needed remediation
- You should have familiarity with Amazon AWS/Azure Policy, Configuration, and Security Management tools.
- You will develop and maintain security policies, standards and in conjunction with production IT and DevOps teams
- You should have familiarity with API Security, Container Security, AWS Cloud Security
- You will apply security best practices and standard operating procedures for the platform solutions
- You will collaborate with stakeholders to ensure good communication and quality solutions that meet the company's technical needs
- You will create the documentation for the platform solutions
- You will shape the future our Thales IFEC platform solution
- Bachelor's degree in Computer science, Software Engineering, or another related field.
- 3+ years of experience with cloud providers such as AWS or Azure.
- 3+ years of experience with security concepts, protocols, industry best practices, strategies, frameworks and regulations such as International Standards Organization (ISO) 2700x, NIST Cybersecurity Framework, Payment Card Industry Data Security Standard (PCI DSS), Sarbanes-Oxley (SOX), and General Data Protection Regulation (GDPR).
- Prior experience (3-5 years) in a Production Engineering/ Vulnerability Remediation/ Agile or related position.
- Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the CyberSecurity program throughout the organization.
- Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (Tenable, NMAP, etc.).
- Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
- Possess leadership skills and/or act as a team player to coordinate remediation of security issues within established timeframe.
- Familiarity with Information Security frameworks/standards (i.e., CIS, NIST, RFC2196, etc).
- Comprehension in security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
- Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc.)
- You have developed for years as a Software Full stack engineer
- You have knowledge about virtualization and clustered orchestration (Kubernetes)
- Good knowledge of public APIs for web (e.g. REST APIs and/or API Gateways)
Arvin Clark Sikat, Sombilla EA License No.: 02C3423 Personnel Registration No.: R1222536