Senior SecOps / Security Engineer (offline)

Client – the worldwide manufacturer of smart beds, which increase the overall quality of sleep. The solution senses and automatically adjusts the comfort level:
- Tracking personal sleep data during the night
- Individual comfort and temperature balancing
- Comfort adjustability on each side of the bed

The project is related to developing cutting-edge IoT technology.

Requirements:

• BS or MS in Computer Science or equivalent technical degree
• Minimum of 5 years of relevant experience
• Strong background in application security development, network security, and automation
• Familiar with code versioning tools
• Strong background in Secret as a Service with HashiCorp Vault
• Excellent understanding of AAA (Authentication, Authorization, Auditing)
• Good understanding of known authentication protocols: LDAP, SASL, OAuth, OIDC, Mutual TLS
• Good understanding of known authorization models: ACL, RBAC, ABAC, CBAC, MAC, DAC
• Familiar with SAML, SSO (Single Sign-On), MFA (Multi-Factor Authentication)
• Excellent understanding of PKI (Public Key Infrastructure) and its components: CA, RA, VA, TSA.
• Excellent understanding of TLS/SSL
• Good understanding of cryptography concepts such as digital signature, data integrity, message
authentication, confidentiality, non-repudiation
• Excellent understanding of encryption at rest and in-transit
• Good understanding of symmetric and asymmetric cryptography
• Upper-intermediate English

Additional Qualifications:

• Cross-platform/multi-language development experience
• Familiar with compilers and code generation tools
• CISSP/HCISSP certification or equivalent experience
• Knowledge and experience in security of large-scale cloud-based applications and environments

Description:
As a Senior Security Engineer, you will be working side-by-side at the code and architecture level with each of our engineering teams to ensure security throughout our operations and technical systems, from infrastructure to the applications. Your primary focus will be on the life-cycle management of secrets. You will work with various engineering teams including Mobile, Web, Embedded, QA, Cloud, and Data Platform to improve the life cycle management of their secrets.

Responsibilities:
• Deploy, configure, and maintain the Secrets Service infrastructure.
• Guide engineering teams to securely store and retrieve their secrets through automation i.e., API keys, certificates, SSH keys, passwords, encryption keys
• Own the life cycle management of secrets across the infrastructure, applications, and teams
• Perform on-going security testing and code review to improve software security
• Mentor other team members in methods and best practices
• Continually improve DevSecOps infrastructure, tools, processes, and procedures
• Maintain security technical documentation.