• Very strong scripting and coding skills
• Have a bachelor’s degree in computer sciences or cybersecurity, with at least five years’ experience in computer security.
• Engineer mindset; must be able to solution security not just find flaws
• Strong risk assessment skills
• Experience in automation, using CI/CD (not limited to, but would be advantageous) – including the ability to write tests in to a pipeline after interpreting from policy – what ports can be exposed, IP ranges and how to test programmatically whether they are open of egress/ingress etc. - CI/CD Pipelines and relevant integrations like Jenkins, Jira, Sonar
• Additionally, they should have knowledge of authentication technologies, risk management, assessment procedures, and security attack pathologies, Windows, UNIX or Linux operating systems, and network security and architecture, among others.
• understanding of streaming & container technologies
• Able to assess business rules, collaborate with stakeholders and perform source-to-target data mapping, design and review.
• Knowledge on programming languages like Java, NodeJS, Angular JS, and secure coding practices.
• Automate the security engagement so the pipelines are repeatable and transparent and to drive confidence in security automation
• Source Code Review, Pentest and Security Review skills for custom and build projects.
• Should understand authentication and access controls, including provisioning, changes, and de-provisioning of user and system accounts, security/access roles, and access permissions to information assets.
• Should understand micro-service security and have a working knowledge on kubernetes.
• Understands network security, firewall rules, DLP, and security best practices.
• Should be able to analyze trends and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments