PW - Cloud Security Engineer / DevSecOps B. - Job3188

Summary

We are looking for a Cloud Security Engineer with a strong focus on hands-on development and automation to join our team. This role involves not only designing and implementing security policies but also actively developing solutions, scripts, and automations to strengthen our security posture in cloud and CI/CD environments. This role is critical in ensuring the security and compliance of our cloud environments, which are integral to our operations. The ideal candidate will be responsible for implementing and managing security measures, developing secure coding practices, and collaborating with development teams to integrate security into our CI/CD pipeline. This position not only requires technical expertise but also a proactive approach to staying updated on the latest security trends and technologies. We are looking for a Cloud Security Engineer with a strong focus on hands-on development and automation to join our team. This role involves not only designing and implementing security policies but also actively developing solutions, scripts, and automations to strengthen our security posture in cloud and CI/CD environments. This role is critical in ensuring the security and compliance of our cloud environments, which are integral to our operations. The ideal candidate will be responsible for implementing and managing security measures, developing secure coding practices, and collaborating with development teams to integrate security into our CI/CD pipeline. This position not only requires technical expertise but also a proactive approach to staying updated on the latest security trends and technologies.
 

Responsibilities

• Provisioning and Managing Security Policies: Utilize WIZ to establish and manage security policies across our cloud environments, ensuring compliance with industry standards and organizational policies.
• Code Evaluation and Development: Write and evaluate code in the Rego query language to enforce security policies and automate security checks within our cloud infrastructure, as well as develop and maintain scripts (e.g., Python, Bash) for automating security tasks, building custom security tools, and integrating various security systems
• Collaboration with Development Teams: Work closely with development teams to integrate security practices into the CI/CD pipeline, ensuring that security is a fundamental aspect of our software development lifecycle. This includes hands-on development and scripting to build, secure, and optimize CI/CD pipelines, implement security gates, and automate security testing within the deployment process
• Conducting Security Assessments and Audits: Perform regular security assessments and audits to identify vulnerabilities and ensure compliance with security policies and regulations.
• Staying Updated on Security Trends: Continuously monitor and research the latest security trends, technologies, and best practices to enhance our security posture.
• Cross-Departmental Collaboration: Collaborate with various departments, including IT, compliance, and operations, to ensure a cohesive approach to security across the organization.
• Mentorship and Leadership: Provide guidance and mentorship to junior team members, fostering a culture of security awareness and best practices within the team.

Requirements

Must-Have Skills

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Cloud Security Engineering: Proven experience in designing, developing, and implementing security controls in cloud environments (Azure, AWS, GCP) to protect sensitive data and applications, with a strong emphasis on automating security configurations (security as code) and developing secure cloud-native solutions.
• Container Security: Hands-on experience with Docker and Kubernetes is required. Candidates must have experience creating, configuring, and securing container images and orchestrations, including implementing and supporting security measures in containerized environments, ideally leveraging scripting languages (e.g., Python, Bash) for automation and custom tooling.
• Azure, AWS, GCP: Proficiency in at least one of the major cloud platforms (Azure, AWS, or GCP) and understanding their security features and best practices.
• Security Monitoring Tools: Strong knowledge of security monitoring tools, specifically WIZ.
• Rego Query Language: Familiarity with the Rego query language for policy enforcement and security automation.
• CI/CD Practices: Solid understanding and hands-on experience in developing, scripting for, and maintaining CI/CD pipelines (e.g., Azure DevOps, Jenkins, GitLab CI, GitHub Actions), including integrating security tools and practices (DevSecOps) throughout the DevOps workflows.
• Azure DevOps: Proficiency in using Azure DevOps for managing development workflows, including build and release pipelines.
• Scripting and Automation Expertise: Strong proficiency in at least one scripting language (Python highly preferred, Bash, PowerShell) demonstrated through experience in developing custom security tools, automating security operations, infrastructure provisioning, and integrating diverse systems/APIs.
• Python Programming & Scripting (Primary Focus): Strong, demonstrable Python expertise is our primary requirement, covering both application/tool development (e.g., custom security tools) and automation scripting (e.g., for security tasks, infrastructure, API integration).

Nice-to-Have Skills

• Proficiency in other programming or scripting languages (Go, Bash, PowerShell, etc.) is a valuable secondary asset.
• Relevant Certifications: Possession of relevant security certifications (e.g., CISSP, CISM, AWS Certified Security Specialty) that demonstrate expertise in cloud security.
• Analytical Skills: Strong analytical skills to assess security risks and develop effective mitigation strategies.
• Problem-Solving Skills: Excellent problem-solving abilities to address complex security challenges and implement effective solutions.