Lo sentimos, la oferta no está disponible,
pero puedes realizar una nueva búsqueda o explorar ofertas similares:

Gerente De Oficina Médica, Levitown, Toa Baja

Gerente de Oficina medicaRequisitos:GA en Secretarial Medico o Administración de Oficina MédicaConocimiento cubiertas de Planes MédicosConocimiento de Micros...


Desde Jobs For You Inc. - Toa Baja

Publicado a month ago

Cocinero | Part Time | Viernes Y Sabado

¿Eres organizado y tienes experiencia en cocina? ¡Te estamos buscando! En Smart Diet necesitamos colaboración con nuestros chefs en la preparación de comidas...


Desde Smart Diet - Toa Baja

Publicado a month ago

Mecanico De Diesel | Toa Baja

Estamos en busca de un profesional apasionado por los motores diésel, con habilidades en diagnóstico y reparación de problemas, así como en el mantenimiento ...


Desde Appleone - Toa Baja

Publicado a month ago

Oficinista - Data Entry

Preparar y hacer la entrada de Ordenes al sistema. Emitir Facturas a clientes. Enviar facturas a clientes. Mantener archivo digital de las facturas (scan de ...


Desde M T Inc - Toa Baja

Publicado a month ago

Sr. Information Security Cloud & Automation Architect

Sr. Information Security Cloud & Automation Architect
Empresa:

Dice


Lugar:

Toa Baja

Detalles de la oferta

Job Summary: The Information Security Cloud & Automation Contractor is responsible for designing, developing and implementing highly available, secure cloud environments utilizing automated configuration management (Infrastructure as Code (IaC) methodologies while maintaining compliance to Wawa’s Information Security policies and standards.

This role is responsible for designing stable and secure infrastructure for applications and repeatable processes through secure automated provisioning, continuous delivery (CD), continuous integration (CI), proactive monitoring, and compliance. The engineer’s designs will incorporate security directly into CI/CD toolchains using a variety of tools, patterns and techniques.

Principal Duties:

1.Develop and document cloud, automation and API security requirements.

2.Design and implement automated deployment of identity and access management, logging and monitoring, application security hardening, infrastructure hardening and security, configuration security, data protection, CI/CD, vulnerability analysis, code review, and compliance validation.

3.Develop and implement tooling to provide detective and reactive security configuration validation and correction.

4.Conduct analysis, design, development, and continued evolution of modern software-defined infrastructure, application patterns and technology solutions.

5.Create IT security architectural artifacts, provide architectural analysis of IT security features and relate the existing system to future business requirements.

6.Analyze cloud architecture and application vulnerabilities using cloud security services and other tools.

7.Continuously evaluate the organization's existing cloud infrastructure security practices, help define, standardize and measure security-related activities, demonstrating concrete improvements to the information security program within the organization.

8.Design and write automated security tests and checks in CI/CD, integrating security in to the application deployment pipeline.

9.Assist in the development of metrics to measure the effectiveness of the Wawa Information Security program as it relates to cloud infrastructure and secure automation.

10.Support cloud certification activities, system hardening, vulnerability testing and scanning.

11.Validate that information security requirements are built into architectures and new technology projects.

12.Work closely with development, infrastructure and information security teams in an agile workflow to promote and mature DevSecOps methodologies.

13.Partner with infrastructure and automation teams to embed security best practice into the infrastructure as code development lifecycle and operational work processes.

Essential Functions:

1.Strong recognition of how work is done in DevSecOps with the ability to identify keys to success.

2.Ability to identify the security risks and address via countermeasures associated with DevOps, continuous delivery, automation, APIs, and cloud.

3.Ability to work well individually as well as in a team environment.

4.Ability to conduct effective risk assessments and threat modeling in a rapidly changing environment.

5.Excellent written and verbal communication skills, interpersonal and collaborative skills.

6.Up-to-date knowledge of methodologies and trends in both information security and IT.

7.Poise and ability to act calmly and competently in high-pressure, high-stress situations.

8.Must be a critical thinker, with strong problem-solving skills.

9.Ability to manage one or more projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.

10.Ability to lead medium internal security technology projects and security remediation projects with limited dependencies on external IT teams.

11.High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.

12.High degree of initiative, dependability and ability to work with little supervision while being resilient to change.

13.Ability to be on-call 24x7x365 rotation.

14.Ability to lead, mentor and influence others.

Basic Requirements:

1.Minimum of 7 years’ experience in general IT.

2.Minimum 3 years’ experience in DevSecOps, automated deployments\IaC, and cloud.

3.Experience and understanding of large-scale infrastructure deployments in enterprise-wide environments.

4.Strong understanding of cloud and application security principles.

5.Experience deploying and managing cloud deployments preferably within AWS:

a.Cloud computing: AWS, DC/OS, Terraform, Kubernetes

b.Configuration Management: Ansible, Puppet

c.CI/CD: AWS Config, AWS CloudFormation, AWS Lambda, AWS CLI, Chef Inspec, AWS Inspector, Veracode, Checkmarx, Jenkins, Maven, Artifactory, Git, SonarQube

d.Databases: MongoDB, MySQL, Cassandra, Redis, Oracle

e.Programming: Java, Scala, Go, C, C++

f.Scripting languages: Shell, Ruby, Python

g.Systems: Linux/Unix administration, Networking fundamentals

h.Tools: EFK, Password Vault, Vulnerability Scanning, Static Code Analysis, RabbitMQ, NGINX

i.Comfortable with REST API security best practices and usage

j.Experience supporting Node.js application deployments as Docker images

k.Cloud encryption and key management

6.Experience supporting large AWS deployments using a multi-account organizational structure.

7.Familiarity with static and dynamic code analysis tools/frameworks.

8.Strong analytical and critical thinking skills.

9.Ability to prioritize and multitask in a fast-paced environment.

10.Degree in technology-related field preferred, or equivalent work- or education-related experience.

11.General understanding of relevant legal and regulatory requirements, such as: Payment Card Industry Data Security Standard.

12.AWS Professional Certification (Solution Architect, SysAdmin or Developer).

13.Professional security management certification such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacking (CEH), GIAC Information Security Professional (GISP), or other similar credentials.

14.Knowledge of common information security management frameworks, such as ISO/IEC 27001, Critical Security Controls, and NIST 800-53 and Cybersecurity Framework.

15. Moderate knowledge of information security concepts and technologies such as: networking, network segmentation, vulnerability scanners, firewalls, IPS\IDS, network analyzers, data loss prevention, security event management, encryption technologies, proxies, cloud services, mobile devices, etc.


Fuente: Bebee2

Requisitos

Sr. Information Security Cloud & Automation Architect
Empresa:

Dice


Lugar:

Toa Baja

Built at: 2024-03-29T12:10:00.056Z