Requirements:
● Previous experience in security monitoring, incident response, threat intel, security engineering and DevSecOps.
● Thorough working knowledge of Linux
● Understanding of GitOps, Agile and DevOps practices
● Ability to write code and work with Infrastructure as Code tools (CloudFormation, Terraform, Etc)
● Experience with Kubernetes
● Experience with Container Security technologies like Twistlock, Snyk, etc.
● Great Communication Skills – you will be a Security ambassador to other teams, partnering to add security to their delivery pipelines(чтобы повысить безопасность своих конвейеров доставки
● Ability to own and resolve problems.
Responsibilities:
● Day-to-day technical operation of the Security capabilities of a DevSecOps tool stack.
● Configuration guidance of security tooling including Web application firewalls, Intrusion detection systems, Security monitoring tools (consuming and analyzing logs and metrics from various sources), etc.
● Development of Infrastructure as Code and GitOps configurations for Security capabilities
● Support project and operational teams with the adoption of security capabilities and ways of working.
● Manage and maintain our DevSecOps and Container Security capabilities with things like best practice configuration, hardening, and patching.
● Work with Incident Response Teams, Engineering, Product and DevOps teams to help with technical alignment of security, business and technical objectives.
● Investigate and remediate complex technical problems within the Security tooling embedded into CI/CD, Compute, and generally the AWS cloud environments.
● Participate in Peer review for Infrastructure as Code and relevant documentation.
● Investigate and utilize new technologies to enhance/improve security capabilities.
● Facilitate compliance by participating in writing of security policies and security documentation
Would be a plus:
● Experience with some of these technologies:
○ Security tools for runtime code.
○ Container & Dependency Vulnerability / Compliance Scanning tools (Snyk/Aqua/others)
○ Github/Bitbucket/Jenkins pipeline configuration
○ Version Control (git)
○ Datadog
○ AWS Secrets Manager / Parameter Store
○ Open Policy Agent
○ Atlassian (Confluence/Jira)
○ CIS Benchmarks
○ Web application firewalls
○ AWS Network Firewall / Security Groups
○ Code security tools.
What we offer:
● Product company with a long-term and clear vision;
● 21 working days of paid annual leave, paid sick leave;
● A friendly and cheerful team that will always lend a hand and make a joke;
● Tasks that are interesting to work on and that will help you become better as a professional;
● Excellent opportunities and prospects for professional growth;
● Corporate events;
● Competitive salary;
● Work from anywhere - remote.
We are open to cooperating with everyone!
About Tres Commas
Outsourcing customer support, which takes care of your clients!
On the surface, we run a network of call centers but what we do is so much more than that
Company website:
https://tcommas.com/
The job ad is no longer active
Job unpublished on
6 October 2022
Look at the current
jobs
Security
Kyiv→