Information Security Engineer-remote

ABOUT THE JOB:

The security engineer works with the Infrastructure and Application Development teams to develop, implement, and maintain a robust, efficient DevSecOps environment.This role will engage with the Infrastructure team providing guidance and direction on securing the existing private cloud while preparing for a direction to a hybrid cloud.The role will also engage with the Application Development team to develop a secure application delivery pipeline for the purpose of securely automating application builds through the Development, QA, and Production environments.

WHAT YOU WILL DO IN THIS ROLE:

Engage with the Infrastructure Team on implementing and maintaining a secure private cloud environment using cloud expertise, standards, and best practices


Engage with the Application Development team to develop, implement, and maintain DevOps security strategies for all environments utilizing security standards and best practices.

Create Secure Coding Standards and work with Security Consultants, QA, and Application

Development to educate, develop and implement an efficient and, where possible, automated code testing environment to ensure that vulnerabilities are discovered and remediated based on risk and threat to the business


Partner with the Security Architects to assist leadership in Security Strategy and Objective planning

Build relationships with Application Development, PMO and Infrastructure to ensure that information security is incorporated into project methodology and the application delivery process.

WHAT YOU MUST BRING TO THIS POSITION:

A bachelor's degree and a minimum of seven (7) + years in an information security role with at least 1-2 years focused on Application Development and Cloud Security

In lieu of the degree, additional work experience and/or trade school or applicable certifications.

CISSP (Certified Information Security Specialist Professional) and a combination of advanced        certifications focused on DevSecOps, Software Security, and Cloud Security such as Docker Certified Associate Certification, Kubernetes Administrator Certification, ISC2 Certified Secure Software Lifecycle Professional, and GIAC Cloud Security Automation.

Expert level knowledge of Information Security concepts, principles, and practices

Advanced knowledge of security aspects for multiple operating systems, networking technologies, encryption technologies, and applications

Experience with the Agile development methodology

Working knowledge of containers (e.g. Docker) and container orchestration (e.g. Kubernetes)

Proven capabilities in scripting languages such as Python, Ruby, Powershell, and Javascript

Working knowledge of DevOps principles and practices including Continuous Integration, Continuous Delivery, and Continuous Deployment

Working knowledge of Security Coding frameworks and best practices including OWASP, CVSS, and the MITRE ATT&CK framework

Proven ability to work independently with guidance in only the most complex situations

Excellent organizational, planning, written and verbal communication skills.

Strong client facing skills with ability to deal and lead conversations with large technically diverse teams.

Organized, responsive and highly thorough problem solver with strong ability solve complex problems, analyze information, identify and assess risks and make tactical and strategic recommendations.

Experience driving measurable improvement in security operations and risk reduction within the organization

Excellent time management skills to aid in meeting specific goals and plans to prioritize, organize, and accomplish.

Proven learning agility and seeks to excel, be curious and adaptable

Ability to act as lead in managing security related projects and investigations.

Ability to maintain a high level of professionalism and confidentiality.

Ability to work well under pressure.

Ability to be on-call and work outside of regular business hours as needed.

WHAT WILL MAKE YOU A MORE VIABLE CANDIDATE:

Bachelor’s degree in Computer Information or related field ; Cloud/DevOps Certifications; PMP (Project Management Professional); SANS GIAC (Global Information Assurance Certification)

WHAT'S IN IT FOR YOU:

A competitive starting base salary plus a targeted annual performance bonus

A phenomenal work environment, with perks including onsite restaurant and coffee shop, employee activities, onsite fitness center, and sports leagues

A wonderful team of dynamic people to work with who are fun, caring and friendly

A fantastic benefits package that’s hard to find in South Florida


We require a drug screen and background check.

EEO/Smoke Free environment