Cloud Security DevOps Lead Engineer

Bucharest - 1A Poligrafiei Boulevard

Applications have closed

PwC

We are a community of solvers combining human ingenuity, experience and technology innovation to help organisations build trust and deliver sustained outcomes.

View all jobs at PwC

Job Description & Summary

A career in Information Security will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You’ll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.

As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution.

Skills and responsibilities for this management level include but are not limited to:

  • Exhibiting leadership/mentorship with team members; 

  • Designing and providing solutions to fit the requirements of the project stakeholders, customers, and end-users conforming to the standards established by the IT organization; 

  • Developing secure cloud resource deployment templates in Cloud Service Providers using Terraform, Azure ARM, AWS Cloud Formation, or GCP Deployment Manager; 

  • Integrating security into cloud resources through deployments templates, policy management tools, configuration management tools, CI\CD pipelines, and other automation or orchestration solutions; 

  • Automating deployment of cloud resources and applications using Bash, Python, PowerShell, or other scripting languages; 

  • Exhibiting familiarity with Cloud Security Alliance, Center for Internet Security, ISC2, and SANS Cloud Security Standards for securing Cloud Applications, IaaS, PaaS, SaaS, Containers, and Microservices; 

  • Interacting with distributed version control systems like Git, GitHub, GitOps, etc; 

  • Deploying code using CI\CD tools like GitHub, Azure DevOps, Jenkins, etc; 

  • Working with Hashicorp stack including Terraform, Vault, Sentinel, Consul; 

  • Possessing knowledge and experience with application security solutions and web hosting architecture and principles; 

  • Leveraging experience with Software development including web, mobile applications and development languages; 

  • Having experience with commercial Source Code Analysis/Static Application Security Testing Tools; 

  • Understanding of application source code vulnerability mitigation processes; 

  • Recognizing risk assessment/acceptance factors that can affect business and security decisions; 

  • Having knowledge of and experience with Business processes and drivers that can affect system design; 

  • Analyzing application security vulnerabilities and executing mitigation strategies; 

  • Leveraging review processes using application threat vulnerability tools, scanning techniques and/or code review results; 

  • Using assessments of vulnerabilities, sources of threats, and current security guidance to determine the effectiveness of mitigation plans; 

  • Collaborating with teams to identify opportunities and provide recommendations on how application security can be built into project development;  

  • Interacting with project management team members and key stakeholders on application projects; 

  • Reviewing application threat vulnerability assessments on application development projects; 

  • Implementing strategy for application threat vulnerability review and remediation; 

  • Identifying and documenting complex business cases to assist in gaining internal support to implement security solutions; 

  • Collaborating with team members and stakeholders virtually;  

  • Evidencing communication skills, both written and verbal; 

  • Having customer service experience/skills, multitasking and possessing time management skills;

  • Possessing analytical skills and attention to detail. 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Application security Automation AWS Azure Bash Cloud Code analysis DevOps GCP GitHub IaaS Jenkins Microservices PaaS PowerShell Python Risk assessment SaaS SANS SAST Scripting Sentinel Strategy Terraform Vulnerabilities

Perks/benefits: Career development

Region: Europe
Country: Romania

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.