• Contributing to inner source model for secure pipeline scripts.
• Developing automation solutions for scans reporting and dashboard integrations.
• Staying up-to-date on new security tools & techniques, and act as driver of innovation and process maturity.
• Collecting security-related metrics and increasing security visibility across the organization.
• Deploying and managing security tools to cloud infrastructure platforms such as Google Cloud or AWS, through automation using infrastructure-as-code principles.Requirements:
• Experience with API, OSS and platform integration.
• Demonstrated skill with at least one or more configuration management/scripting technologies such as Ansible, Groovy, AWS, Terraform or Cloud Formation.
• Experience with tools and technologies used throughout secure SDLC (e.g. Fortify, Checkmarx, Veracode, WhiteSource, Blackduck, 42Crunch, Sysdig, ZAP, NowSecure).
• Proven track record of security solution development and contributing to cloud platforms such as (AWS, GCE, Azure) using Infrastructure as code techniques.
• Experience with Linux Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures.
• Experience in software development.
• Experience in Information Security, Networking or Security Risk Management.
• Bachelor's or Master's degree in Computer Science, Computer or Electrical Engineering, Mathematics, or a related field.Preferences:
• Conducting research and evaluating Application Security Scanning tools, platforms, and processes for Cyber Security initiatives. As a subject matter expert, guide the development teams to improve security posture (API Security, Open Source Software Security, Build Environment Security etc.)
• Building and maintaining DevSecOps pipelines to adopt shift-left paradigm for security testing (SAST, DAST, MAST, SCA, Container Scanning, API Security, Build Environment Security etc.).
• Developing and promoting best practices for DevSecOps and secure CI/CD.
• Deep diving into issues concerning Application Security and develop recommendations and solutions with enterprise focus.Job Responsibilities:
• Working with teams to bring continuous improvement to DevSecOps processes and tools.
• Experience in at least one of these focus areas - API Security, Open Source Software Security, Build Environment Security, SAST, DAST, Container Security, Cloud Security.
• Experience with CI/CD tools such as GitLab, Jenkins, Nexus, and Artifactory.
• Experience with hands-on software development or scripting with at least one of these programming languages - Java, Node JS, or Python.
• Experience with AWS services and managing the configurations using IaC.
• Experience with software security, secure coding, or software assurance tools and techniques.What We OfferExciting Projects:
Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to work on market-defining products using the latest technologies.Collaborative Environment:
You can expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment - or even abroad in one of our global centers or client facilities! Work-Life Balance:
GlobalLogic prioritizes work-life balance, which is why we offer flexible work schedules and opportunities to work from home.Professional Development:
We provide continuing education classes, professional certification and training (technical, soft skills, language, and communication skills) to help you realize your professional goals. Being part of a global organization, there are additional learning opportunities through international knowledge exchanges.Excellent Benefits:
We provide our employees with competitive salaries, health and life insurance, short-term and long-term disability insurance, a matched contribution 401K plan, flexible spending accounts, and PTO and holidaysAbout GlobalLogic
GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world.
By integrating experience design, complex engineering, and data expertise-we help our clients imagine what's possible, and accelerate their transition into tomorrow's digital businesses.
Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries.
GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.