DevSecOps Engineer
we are seeking a highly skilled and experienced Senior Cloud Security Specialist to join our team. As a Senior Cloud Security Specialist, you will be responsible for designing, implementing, and maintaining security measures to protect our cloud-based infrastructure and applications. You will work closely with our development and operations teams to ensure that security best practices are followed throughout the cloud environment. You will also be responsible for monitoring and responding to security incidents and conducting regular security audits and assessments. The ideal candidate has a strong background in cloud security, a deep understanding of cloud architectures, and a passion for staying up to date with the latest security threats and trends.
Responsibilities
Design and implement security controls and measures to protect cloud-based infrastructure and applications.
Collaborate with development and operations teams to integrate security into the software development lifecycle.
Regular security assessments and audits should be conducted to identify vulnerabilities and recommend remediation actions.
Monitor and respond to security incidents and conduct investigations as necessary.
Stay current with emerging cloud security threats, vulnerabilities, and industry best practices.
Develop and maintain security policies, procedures, and documentation.
Perform security reviews of cloud service providers and third-party vendors.
Provide guidance and support to internal teams on best practices for cloud security.
Conduct cloud security awareness advisories for employees.
Responsibilities
Design and implement security controls and measures to protect cloud-based infrastructure and applications.
Collaborate with development and operations teams to integrate security into the software development lifecycle.
Regular security assessments and audits should be conducted to identify vulnerabilities and recommend remediation actions.
Monitor and respond to security incidents and conduct investigations as necessary.
Stay current with emerging cloud security threats, vulnerabilities, and industry best practices.
Develop and maintain security policies, procedures, and documentation.
Perform security reviews of cloud service providers and third-party vendors.
Provide guidance and support to internal teams on best practices for cloud security.
Conduct cloud security awareness advisories for employees.
Requirements:
3+ Proven experience working as a Security Operations Specialist, DevSecOps Engineer, or similar role.
Bachelor's degree in Computer Science, Information Technology, or a related field.
At least one of the relevant certifications (e.g., AWS Certified Security - Specialty, AWS Certified Network - Specialty, AWS Solutions Architect - Professional, CCSP, CISSP). Additional certifications are a plus.
Strong understanding of cloud computing concepts and AWS architectures. GCP is a plus.
In-depth knowledge of cloud security best practices, standards, and frameworks (e.g., CIS Benchmarks, NIST, ISO 27001).
Hands-on experience with cloud security tools and technologies (e.g., AWS Security services, Web Application Firewalls, Cloud Security Posture Management tools).
Experience with infrastructure-as-code (IaC) tools such as Terraform or CloudFormation. CDK is a plus.
Experience with Python programming and the boto3 library. TypeScript is a plus.
Experience conducting security assessments and audits.
Understanding networking protocols and security technologies (e.g., VPN, Firewall, IDS/IPS).
Knowledge of secure coding practices and common application security vulnerabilities.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work effectively in a fast-paced, dynamic environment.
3+ Proven experience working as a Security Operations Specialist, DevSecOps Engineer, or similar role.
Bachelor's degree in Computer Science, Information Technology, or a related field.
At least one of the relevant certifications (e.g., AWS Certified Security - Specialty, AWS Certified Network - Specialty, AWS Solutions Architect - Professional, CCSP, CISSP). Additional certifications are a plus.
Strong understanding of cloud computing concepts and AWS architectures. GCP is a plus.
In-depth knowledge of cloud security best practices, standards, and frameworks (e.g., CIS Benchmarks, NIST, ISO 27001).
Hands-on experience with cloud security tools and technologies (e.g., AWS Security services, Web Application Firewalls, Cloud Security Posture Management tools).
Experience with infrastructure-as-code (IaC) tools such as Terraform or CloudFormation. CDK is a plus.
Experience with Python programming and the boto3 library. TypeScript is a plus.
Experience conducting security assessments and audits.
Understanding networking protocols and security technologies (e.g., VPN, Firewall, IDS/IPS).
Knowledge of secure coding practices and common application security vulnerabilities.
Strong analytical and problem-solving skills.
Excellent communication and collaboration abilities.
Ability to work effectively in a fast-paced, dynamic environment.
This position is open to all candidates.
רוצה לראות עוד משרות מתאימות? Jobify מנתחת את הניסיון התעסוקתי שלך ומציגה לך משרות עדכניות - בחינם!
