Job Search

1154 + Open Positions Globally

1154 + Open Positions Globally

Senior SecOps / Security DevOps Engineer IRC166146

Job: IRC166146
Location: Ukraine - Kyiv
Designation: Senior Software Engineer
Experience: 3-5 years
Function: Engineering
Skills: AWS, Cryptography, Docker, HTTPS and TLS/SSL, Jenkins, Linux, Network Security, Release Automation, Security

Description:

We are looking for an experienced Senior Security Engineer with both strong technical and interpersonal skills for our security engineering efforts to contribute to improving the security posture of our infrastructure and applications.

Client – the worldwide manufacturer of smart beds, which increase the overall quality of sleep. The solution senses and automatically adjusts the comfort level:

  • Tracking personal sleep data during the night
  • Individual comfort and temperature balancing
  • Comfort adjustability on each side of the bed

The project is related to developing cutting-edge IoT technology.

 

Requirements:

    – BS or MS in Computer Science or equivalent technical degree
    – Minimum of 5 years of relevant experience
    – Strong background in application security development, network security, and automation
    – Familiar with code versioning tools
    – Strong background in Secret as a Service with HashiCorp Vault
    – Familiar with application security compliance standards and best practices
    (e.g., OWASP, CIS, NIST CSF, ISO 27000 series)
    – Familiar with SAML, SSO (Single Sign-On), MFA (Multi-Factor Authentication)
    – Understanding Identity/Auth and Authorization technologies and protocols
    (e.g. SAML, SCIM, OIDC, OAuth, JWT)
    – Good understanding of AAA (Authentication, Authorization, Auditing)
    – Good understanding of known authentication protocols: LDAP, SASL, OAuth, OIDC, Mutual TLS
    – Good understanding of known authorization models: ACL, RBAC, ABAC, CBAC, MAC, DAC
    – Experience in configuration management tools as Chef or Ansible
    – Experience in infrastructure as code such as Terraform
    – Good understanding of PKI (Public Key Infrastructure) and its components: CA, RA, VA, TSA.
    – Good understanding of TLS/SSL
    – Good understanding of cryptography concepts such as digital signature, data integrity, message
    authentication, confidentiality, non-repudiation
    – Excellent understanding of encryption at rest and in-transit (e.g., SSL/TLS,
    symmetric and asymmetric cryptography)
    – Good understanding of symmetric and asymmetric cryptography

    • Upper-intermediate English

    Additional Qualifications:

    – Practical experience in using popular commercial and open-source security
    testing tools (e.g. Nessus/Tenable.io, Burp Suite, OWASP ZAP, Kali linux,
    ScoutSuite, Prowler, Sonarqube)
    – AWS Security Specialty certification or equivalent experience
    – Familiar with compilers and code generation tools
    – Knowledge and experience in security of large-scale cloud-based applications and environments
    – Practical experience in hardening systems

Job Responsibilities:

    Description:

    As a Senior Security Engineer, you will be working side-by-side at the code and architecture level with of project’s engineering teams to ensure security
    throughout our operations and technical systems, from infrastructure to the applications. You will face with an experience working with various engineering teams including Mobile, Web, Embedded, QA, Cloud, and Data Platform.

    Responsibilities:
    – Implement and manage cloud security solutions across multi-account
    infrastructure
    – Work on enhancements of SAST/DAST/IAST integration into application CI/CD
    pipeline
    – Perform on-going security testing and code review of our infrastructure and
    applications
    – Continually improve DevSecOps infrastructure, tools, processes, and
    procedures
    – Contribute to corporate SDLC enhancements, design and implement security
    controls and best practices
    – Explore and pilot commercial and open-source application security tools
    – Maintain security technical documentation
    – Deploy, configure, and maintain the Secrets Service infrastructure.
    – Guide engineering teams to securely store and retrieve their secrets through automation i.e., API keys, certificates, SSH keys, passwords, encryption keys if needed
    – Own the life cycle management of secrets across the infrastructure, applications, and teams
    – Perform on-going security testing and code review to improve software security
    – Mentor other team members in methods and best practices
    – Maintain security technical documentation


What We Offer

Exciting Projects: Come take your place at the forefront of digital transformation! With clients across all industries and sectors, we offer an opportunity to participate in creating market-defining products using the latest technologies.

Collaborative Environment: Expand your skills by collaborating with a diverse team of highly talented people in an open, laidback environment — or even abroad in one of our global centers or client facilities!

Work-Life Balance: GlobalLogic prioritizes work-life balance, which is why we offer flexible opportunities and options.

Professional Development: Our dedicated Learning & Development team regularly organizes certification and technical / soft skill training to help you realize your professional goals.

Excellent Benefits: We provide our consultants with competitive compensation and benefits

Fun Perks: We want you to love where you work, which is why we host sports classes, cultural, social and team building activities such as sports competitions and end-of-year corporate parties. Our vibrant offices also include dedicated GL Zones and rooftop decks where you can drink coffee or tea with your colleagues over a game of table football or darts!

About GlobalLogic

GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise—we help our clients imagine what’s possible, and accelerate their transition into tomorrow’s digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501) which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business.

Apply Now

Attach your file here or browse
Only .docx, .rtf, .pdf formats allowed to a max size of 5 MB.

  • URL copied!