Security Vunerability Management Consultant - Central Point Partners
Oakland, CA 94607
About the Job
What You'll Do
Work on a cloud native environment leveraging Containerized Workloads, Serverless Architecture and Automated CICD Pipeline to manage Infrastructure-as-a-Service
Perform Scripting and Coding to build security tooling and for automating redundant tasks.
Use terraform to deploy security baseline controls, perform code reviews, and provide recommendations for improved security.
Build and deploy home-grown security tooling to detect, report and remediate infrastructure security vulnerabilities as part of risk mitigation activities
Experience with integrating log feeds from various sources into SIEM systems like Splunk and enable detective controls on critical security events
Be part of the On-Call Support for addressing security tickets and serve as a Security System SRE on a rotational basis
Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
Identify and remediate security vulnerabilities and incidents
What we expect:
BS or equivalent. Minimum of 4+ years of experience in security engineering.
Strong understanding of cloud providers and their security technologies, operation and limitations including: Compute, GKE, Serverless technologies, Firewalls, IAM, Network Access Control solutions ,IPSec and TLS based VPNs , Web Application Firewalls, Egress controls.
Experience with building scalable cloud security solutions that are well instrumented
Solid grasp of data formats (JSON, YAML, XML).
Experience with programming and scripting languages (Python, Go, Terraform, GCP CLI) and API integrations.
Experience with CI/CD Platform tools like Jenkins, GitHub Enterprise, Artifactory CircleCI and automate security within CI/CD pipelines.
#LI-DD1
Work on a cloud native environment leveraging Containerized Workloads, Serverless Architecture and Automated CICD Pipeline to manage Infrastructure-as-a-Service
Perform Scripting and Coding to build security tooling and for automating redundant tasks.
Use terraform to deploy security baseline controls, perform code reviews, and provide recommendations for improved security.
Build and deploy home-grown security tooling to detect, report and remediate infrastructure security vulnerabilities as part of risk mitigation activities
Experience with integrating log feeds from various sources into SIEM systems like Splunk and enable detective controls on critical security events
Be part of the On-Call Support for addressing security tickets and serve as a Security System SRE on a rotational basis
Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
Identify and remediate security vulnerabilities and incidents
What we expect:
BS or equivalent. Minimum of 4+ years of experience in security engineering.
Strong understanding of cloud providers and their security technologies, operation and limitations including: Compute, GKE, Serverless technologies, Firewalls, IAM, Network Access Control solutions ,IPSec and TLS based VPNs , Web Application Firewalls, Egress controls.
Experience with building scalable cloud security solutions that are well instrumented
Solid grasp of data formats (JSON, YAML, XML).
Experience with programming and scripting languages (Python, Go, Terraform, GCP CLI) and API integrations.
Experience with CI/CD Platform tools like Jenkins, GitHub Enterprise, Artifactory CircleCI and automate security within CI/CD pipelines.
#LI-DD1
Source : Central Point Partners