As a member of the R&D Cybersecurity team, you will be responsible for reviewing new and existing applications, identifying, and ranking potential risks, providing remediation/mitigation suggestions and direction, as well as documenting your findings for review.
- Work with Development Operations (DevOps) to review currently deployed applications and their supporting infrastructure for potential security risks.
- Document any findings and recommendations for formal review.
- Review cloud and mobile use case architecture to ensure we design confidentiality, integrity, resiliency, and privacy into our products
- Advise DevOps team members on security best-practices
- Attend design review meetings to identify and document any potential security risks in a cloud or mobile implementation.
- Identify security-based controls to mitigate any potential risks identified during a security review.
- Experience working with common network appliances such as a Web Application Firewall (WAF), SIEM, traditional Firewall, API Gateways, or Load Balancers.
- 2+ years’ Experience creating security-based threat models for Cloud Applications
- 2-5 years’ Experience working in a Mobile Environment (Android, iOS)
- Experience with using a security-based risk scoring system (CVSS)
- Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
- 2-5 years’ Experience working in a Cloud Environment (GCP, Azure, AWS)
- Experience with threat modeling and hazard-analysis frameworks such as STAMP, STRIDE etc.
- Experience leveraging the MITRE ATT&CK™ Framework
- Experience working with Google Cloud Provider (GCP)
- Knowledge of OWASP top ten vulnerabilities for web applications and APIs
- Previous Web Application development experience
- Cloud Computing certifications such as CCSK, AWS, Azure, and GCP a plus
- Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
- Experience with a common scripting language (Python, Bash)
Vacancy Type: Full Time
Job Location: United States
Application Deadline: N/A