The Cyber Security Engineer will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. The person in this role will contribute to the execution of strategic information security architecture to enable effective business operations, manage enterprise risk, and address business or regulatory issues.
Contract Duration: 12 Months
Required Skills Experience
The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications
- Ability to lead the exercise of collecting the required data to produce the deliverables
- Ability to articulate the requirements in technical and non technical language
- Ability to defend secure design and support it with real life scenarios
- Ability to articulate the risk and findings in business language
- Explain vulnerabilities and threats
- Threat modeling
- Recent attacks
Application Security Focus Areas
- Secure Code Development
- Secure SDLC
- Secure Agile development
- Testing Security requirements
- Writing security stories
- Web Application Security
- Owasp 10
- SAST and DAST Scan
- API Security
- CI/ CD pipeline
- Integrate security tools
- Security testing
- Shared Responsibility model
- Secure services in the cloud
- Infrastructure security in the cloud
- Secure boundaries
- Authentication Authorization
- security services in the Cloud
- Cloud Native VS Third party security capabilities
- Container Security
- Container security lifecycle
- Image scanning
What You Will Be Doing
- Strong knowledge of network security protocols, best practices, and perimeter security tools
- Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping
- Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management
- Understanding of common data protection technologies such as cryptography, tokenization, and hashing
- Understanding of Azure native security services and best practices
- Strong knowledge of threat modelling and risk assessment technologies or frameworks
- Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions.
- Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats.
- Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
- Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture.
- Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
- Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices.
- This list is not all-inclusive and you are expected to perform other duties as requested or assigne
You will receive the following benefits:
- Medical Insurance - Four medical plans to choose from for you and your family
- Dental Orthodontia Benefits
- Vision Benefits
- Health Savings Account (HSA)
- Health and Dependent Care Flexible Spending Accounts
- Voluntary Life Insurance, Long-Term Short-Term Disability Insurance
- Hospital Indemnity Insurance
- 401(k) including match with pre and post-tax options
- Paid Sick Time Leave
- Legal and Identity Protection Plans
- Pre-tax Commuter Benefit
- 529 College Saver Plan
Motion Recruitment Partners is an Equal Opportunity Employer, including disability/vets. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.