|Date Posted||September 11, 2019|
Apex Systems, the nation’s second largest IT staffing firm, has an immediate opportunity for a Application Cloud Security Lead to support one of our top clients in Louisville, KY! Please find the details below.
If interested and believe you are qualified, please email your word resume to Diana McDermott at [Click Here to Email Your Resumé] with the best phone number and times to reach you.
App Cloud Security Lead Overview
Start Date: 9/30/19
Contract Length: 4 months
This assignment is anticipated to last 4 months; however, Apex Systems cannot guarantee the length of this assignment.
Principal Duties and Responsibilities:
- Build a very close working relationship with DevOps, cloud engineering, application development and QA teams.
- Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments
- Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
- Participate in designing IT and Cloud security strategy, system security controls and secure configuration. Creating security policies and standards around Cloud Security, Container Security, Configuration Management, Infrastructure as Code.
- Researching new security technologies and their application to the corporate and cloud environment
- Ensuring all acquired or developed systems are consistent with the solution engineering and security architecture guidelines Assess new and existing cloud implementations, identifying security issues, misconfigurations and prioritizing fixes/remediation Defining and documenting how the implementation of a new system or interface impacts the security posture of the current environment
- Help define and implement cloud security process, automation and tools to feed DevSecOps processes
- Performing security reviews, identifying gaps in security architecture and design
- Applied knowledge of healthcare industry
- Masters Degree in Computer Science, Information Technology or a related field
- Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure
- Experience performing web vulnerability assessments, application penetration testing and using penetration testing methodologies
- Experience creating source code per OWASP or other secure coding guidelines
- Experience in designing or implementing a security release management strategy for enterprise cloud applications
- Experience with cryptographic techniques such as cryptographic algorithms, key management and rotation processes, and secure key storage
- Experience with developing enterprise-wide secure code testing strategy - Certifications: AWS Certified Security; CCSP (Certified Cloud Security Professional); CISSP (Certified Information System Security Professional); CEH (Certified Ethical Hacker); GSEC; ISTQB (foundation, agile, test manager, test analyst, tech test analyst, etc.)
- Experience with SAST and DAST technologies including IBM AppScan, CheckMarx, Secure Assist, NowSecure, Burp Suite
- Bachelors Degree in Information Technology, Computer Science or a related field
- Six+ years of experience designing, developing, and testing of software applications and/or infrastructure Strong experience with cloud security strategy, cloud provider ecosystems (Amazon AWS, Microsoft Azure, Google Cloud Platform)
- Experience in developing secure code and application security standards
- Experience conducting application security testing and source-code reviews Experience with risk-based testing and/or manual assessment
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at 844-463-6178