Location: Malvern, PA
Description: Our client is currently seeking a Senior Security Engineer
The team is searching for a senior engineer with proven experience in owning projects, identifying and leading implementation of new technology, developing standards, and mentoring team members. DevSecOps is central to the entire department's operations, and as such, the successful candidate will have input to technology and implementation decisions across the organization
This job will have the following responsibilities:
Qualifications & Requirements:
- Design, deploy, manage, and improve critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management, and application security.
- Ensure technology implementation and product development methodology aligns with information security policies and improves security posture.
- Responsible for threat management, security monitoring, trend correlation, and incident management, including security violations and exceptions.
- Provide recommendations on security requirements to be included in product design and security testing.
- Provide recommendations to the Risk Management Framework process activities and related documentation
- Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate
- Assess risk arising from third parties, vendors, and partners in our ecosystem and design controls to mitigate such risks
- Part of the security incident response team.
- 8+ years of hands-on security experience
- Must have hands-on expertise operating in an AWS environment with mastery of architecture and security capabilities in the cloud
- Mastery of multiple security domains such as intrusion detection, incident response, malware analysis, and forensics
- Deep understanding of Linux operating systems
- In-depth knowledge of CVSSv3, CWE, OWASP Top 10, and CWE/SANS TOP 25 Most Dangerous Software Errors
- Outstanding written and oral communications skills with the ability to develop internal processes and articulate assessment results with internal partners
- Continuously seek to develop new skills and technical expertise, as well as proactively share knowledge with others
- Experience with various public cloud services Using AWS / Azure / GCP is strongly preferred
- Bachelor's degree in a relevant technical field/equivalent knowledge and experience
- Experience in security incident response preferred
- Experience in software development (C/C++, Java, or Python) preferred
- Certification in one or more of the following: CISSP, CASP, Security+, CISA, GSEC, CAP, SCNA, SCNP, SSCP, GSLC, GSE, CCNA • AWS and or Azure Professional level certification (Solutions Architect, DevOps Administrator, or Developer)
This job and many more are available through The Judge Group. Find us on the web at www.judge.com