Must Have: Istio, Envoy, Kubernetes, and Terraform, coupled with your security penetration testing or automated API testing experience.
Skill (Primary): Modern Application Development-DevOps(channel Apps)-DevOps Others
Responsibilities
Security Architecture and Implementation: Design and implement secure cloud-native architectures with a focus on Istio service mesh and Kubernetes container orchestration.
Harden and secure containerized workloads and microservices using best practices.
Leverage Terraform for infrastructure as code (IaC) deployments, ensuring security is baked into the process from the start.
Implement security controls and monitoring solutions to detect and respond to potential threats.
Compliance and Security Auditing: Collaborate with security and compliance teams to ensure adherence to industry standards and regulations.
Conduct regular security audits and penetration testing to identify vulnerabilities and recommend remediation strategies.
Develop and maintain documentation for security policies, procedures, and incident response plans.
DevSecOps Integration: Integrate security practices and tools into the CICD pipeline to automate security testing and vulnerability scanning.
Implement and maintain security tools for code analysis, dependency management, and vulnerability tracking.
Promote a culture of security awareness and collaboration within the development and operations teams.
Qualifications
Strong Communication and Collaboration:
Ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
Excellent teamwork and collaboration skills, working effectively with cross-functional teams.
Additional Desirable Skills: Experience with cloud platforms such as AWS, Azure, or GCP.
Programming/scripting skills (Python, Java, Bash, etc.) Certifications in security and cloud technologies (CISSP, CCSP, etc.)