One of our global leading clients in Healthcare is looking for a Lead Cloud Security Architect that is looking to have their hands on every stage of the SDLC, from initial design through to ongoing penetration testing. With a keen eye and a purse to attract the top-talent out there, this Lead Cloud Security Architect will be joining a well-rounded team of rockstars with tremendous earning and growth potential in the long-term as well.
Core Responsibilities
- Perform web, binary, and network penetration testing on internal and external applications
- Communicate discovered issues, how to exploit them, and how to fix them for both technical and nontechnical audiences.
- Work with engineering teams in the design phase of new products and features.
- Participate in reactive incident response when security event is recognized
- Research new attack vectors and methodologies and reproduce, score, and further investigate reported issues.
- Develop techniques and frameworks that will enable engineering teams to find flaws pre-production
- You will architect and create frameworks that prevent current and future attack scenarios
- Be the go-to security authority and respond to internal security engineering inquiries
- Create and execute training exercises to advance developers' security knowledge
- You will research, architect, and execute solutions that will advance internal security monitoring & controls
Requirements
- Detailed technical knowledge of cloud infrastructure and tools such as; AWS, Terraform and Ansible.
- Experience in security systems, including firewalls, intrusion detection systems and vulnerability scanning tools.
- Adequate knowledge of web related technologies (Web applications, Web Services, Service Oriented Architectures, Micro-services, Containerization of services) and of network/web related protocols. This includes very basics of web like using REST protocol, using JSON data format.
- Interest in all aspects of security research and development
- Masters/Bachelors' degree in Computer Science or related field (in lieu of degree, 4 years of relevant work experience)
Preferred Qualifications
- Familiarity with cloud architecture security tools and best practices
- Experience with microservices architecture and docker containers
- Thorough knowledge of JavaScript and Web Standards
- Familiarity with client side MVC frameworks, preferably React.js
- Experience with Node.js for Server-Side JavaScript development
- Versant in OWASP standards and applying its tenets across the entire application stack