Job Description
We are looking for an architect or developer with the following skills and experience:
• Experience operating within and supporting a security assurance and assessment program
• Experience as a security leader for a cloud product or set of cloud services
• Experience architecting security for product or service operating in a cloud environment
• Ability to lead architecture discussions and security assessments related to software services in a cloud environment
• Coordinate meetings between IT stakeholders and drive adoption of improved security solutions
• Identify gaps and weaknesses in proposed designs, identify compensating controls and approve remediation planning
• Advocate and architect new security requirements and solutions for next generation cloud capabilities and services
• Collaborate with other developers, engineers, architects, and compliance analysts to harden complex SaaS offerings
• Experience working with regulated environments covered by PCI, HIPAA, and FedRAMP
• Working knowledge of PCI control and requirements
• Working knowledge of HIPAA controls and requirements
• Working knowledge of FedRAMP controls and requirements
• Experience implementing data security and privacy solutions • Relational database security, Oracle DB security certifications preferred
• Object storage solutions, cloud security certifications from AWS, GCP, Azure, or OCI preferred
• Container hardening and secure microservice orchestration experience preferred
• Secrets and key management experience is required
• Experience developing or engineering secure Java applications in a SaaS cloud environment
• Secure coding and testing knowledge are preferred
• Developing for data privacy and security compliance are preferred
• Ability to define Agile and DevOps processes and continuous integration and delivery (CICD) security solutions
• Experience working with development management systems
• Experience working with build, integration, and delivery systems
• Experience deploying and configuring security tools attached to CICD systems