Job Description
**Job Title: Senior Cloud Engineer**
**Location: Atlanta, GA**
**Duration: 13+ Months with possible extension/conversion**
**ON W2**
**Job Responsibilities:**
· Identify weaknesses and vulnerabilities that affect the confidentiality, integrity, and availability of corporate protected, sensitive, and confidential information and data.
· Conduct Static Application Security Tests (SAST) and Dynamic Application Security Tests (DAST) using Veracode.
· Work within the DevSecOps model to secure containers within ROSA, Tekton, and OpenShift pipelines.
· Possess knowledge of CI/CD orchestration tools such as Jenkins, Tekton, GitLab, or Bamboo.
· Provide operational support for container security tools (e.g., Palo Alto Prisma, Aqua).
· Perform baseline image validation of new container template images.
· Perform vulnerability scans on container environments.
· Develop, test, and maintain security for containerized applications.
· Troubleshoot connectivity or operational issues.
· Ensure security requirements are implemented within various stages of the system development lifecycle; work closely with development teams to pen test new features within internally developed applications.
· Apply software development skills (e.g., Java, C#.NET, JavaScript) to recommend secure coding practices.
· Validate and address vulnerability/threat findings from static and dynamic analysis tools.
· Characterize threats and provide recommendations for remediation; manage remediation efforts to completion.
· Develop and present findings and remediation reports to team members across all department areas and levels of the company.
· Perform security reviews of software designs and assist developers to ensure quality and robustness of internal products.
· Conduct security assessments against web applications and APIs across various technology stacks.
· Ensure adequate security requirements and privacy by design are built into all architecture/infrastructure/projects.
· Integrate threat modeling practices into the application testing lifecycle.
· Impart application security and ethical hacking expertise into team processes.
· Drive improvements in the security testing practice, including execution methodology and metrics.
· Partner effectively with development and infrastructure teams to integrate security.
· Drive awareness and knowledge of security among developers.
· Communicate technical issues to non-technical leaders effectively.
· Continually improve proficiency in application and API exploitation, tools, techniques, and countermeasures.
**Required Skills:**
· Minimum 5+ years of professional experience in application security, penetration testing, security assessment, secure software development, or related field.
· Extensive knowledge of dynamic scanners like Palo Alto Prisma or Veracode.
· Extensive knowledge of the OWASP Top 10.
· Experience with vulnerability risk and impact assessment.
· Experience integrating security capabilities in cloud and application lifecycle management platforms, especially in a DevOps model.
· Extensive knowledge of the secure development lifecycle.
· Extensive knowledge of static analysis tools and flaw triage (e.g., HP Fortify, IBM Rational, Veracode or Coverity, FindBugs, FindSecurityBugs, Brakeman) and of open-source scanning tools such as Sonatype CLM.
· Extensive knowledge of vulnerability scanners like Qualys and Tenable.
**Preferred Qualifications:**
· Extensive experience in application security and ethical hacking.
· Extensive experience exploiting web, mobile, and application security vulnerabilities.
· Extensive experience in software development.
· Extensive experience integrating secure coding techniques with product teams.
· Professional certifications such as CISSP, CISM, OSCP, and CEH.
Job Type: Contract
Pay: $60.00 – $65.00 per hour
Schedule:
* 8 hour shift
Application Question(s):
* Are you willing to work on W2?
* Are you a US citizen, GC holder, or H1B holder?
Experience:
* Cloud: 10 years (Required)
* application security, testing: 5 years (Required)
Ability to Relocate:
* Atlanta, GA 30303: Relocate before starting work (Required)
Work Location: In person