Secure by design specialist

Tasks

• Assess third party integrations security
• Collaborate with SOC for logging and telemetry
• Conduct security evaluations of system designs
• Conduct security workshops and training
• Drive shift-left security
• Establish secure API lifecycle
• Implement infrastructure-as-code
• Implement secure container security
• Implement secure integration patterns
• Integrate security controls into requirements
• Perform threat modeling
• Provide security guidance to development teams
• Respond to security incidents
• Run security audits
• Secure CI CD pipeline

Perks/Benefits

• N/A

Skills/Tech-stack

API Security | AWS IAM | Access Control | Access Management | Active Directory | Ansible | Apache Cassandra | Application Security Testing | Auth0 | Azure Active Directory | Burp Suite | CI/CD | Chef | CircleCI | CloudFormation | Composition analysis | DAST | Detection Systems | Docker | Dynamic Application Security | Dynamic Application Security Testing | ELK Stack | Elasticsearch | Firewalls | GitHub Actions | Grafana | HTTP | HTTPS | Identity and Access Management | Identity and access | Infrastructure as Code | Intrusion Detection | Intrusion Prevention | Intrusion Prevention Systems | Intrusion detection systems | Jenkins | Kibana | Kubernetes | Logstash | MFA | Mend | Microsoft Threat Modeling | Microsoft Threat Modeling Tool | MongoDB | Multi-Factor | Multi-Factor Authentication | MySQL | Nessus | Network zoning | NoSQL | OAuth | OWASP Threat Dragon | OWASP Top | OWASP Top Ten | OWASP ZAP | Okta | OpenID Connect | OpenShift | Oracle | PostgreSQL | Prevention systems | Prometheus | Puppet | Qualys | RASP | RBAC | REST | Relational databases | Role-Based Access | Role-Based Access Control | Runtime Application Self Protection | SAST | SCA | SIEM | SOAP | SQL Server | SSL/TLS | Security Testing | Snyk | Software Composition | Software Composition Analysis | Splunk | Static Application Security Testing | TCP/IP | Terraform | Threat Dragon | Threat modeling | Travis CI | VPN | Vulnerability Management | WhiteSource | Zero Trust | “as-code”