Key skills
AngularAWSDockerJavaKubernetesMicroservicesPythonSpringSpring BootSpringBootIAMOAuthSAMLSource ControlCI/CDMentoringCollaborationNetwork SecurityZero Trust
About this role
Role Overview
- Engineer and deploy comprehensive security measures throughout the software lifecycle, from development to production, ensuring adherence to secure coding standards and safeguarding data
- Establish and maintain security architecture and policies specifically designed for AWS-based microservices environments
- Scale security solutions across diverse development teams and applications with varying architectural designs
- Analyze code scan outputs from tools like Anchore, WebInspect, and DBProtect, and collaborate with compliance teams to fine-tune and enhance scanning effectiveness
- Champion early-stage security integration by building and embedding tools that enforce security checkpoints within CI/CD workflows
- Integrate security checks into source control and pipelines to deliver prompt feedback and uncover insecure coding patterns early in the development process
- Perform vulnerability scans and penetration tests to detect and address security weaknesses proactively
- Apply ethical hacking techniques to uncover and remediate security flaws in both applications and infrastructure
- Promote secure development practices in Java, Python, and Angular by offering internal training and hands-on support for secure coding, deployment, and operations
- Deploy real-time security monitoring and alerting systems to swiftly identify and respond to potential threats
Requirements
- Bachelor’s degree and over 10 years of hands-on experience in software development using Java, Python, and Angular
- Recent experience building applications in Java with Spring Boot framework
- Proven expertise in implementing security protocols such as TLS/SSL, IPsec, OAuth, OpenID Connect, SAML, HTTPS, and encryption/key management
- Solid grasp of Zero Trust security concepts and practical approaches to implementation
- Extensive experience working with AWS services and security tools, including IAM, VPC, CloudTrail, and AWS Security features
- Strong background in microservices and container technologies, including Docker and Kubernetes
- Track record of integrating security checks and controls into CI/CD pipelines
- Knowledgeable in network security, database systems, and hardware-level protections
- Exceptional analytical and troubleshooting abilities, with a keen eye for detail
- Effective communicator able to explain complex security topics to both technical and non-technical audiences
- Experienced in leading projects and mentoring team members to support growth and collaboration
- Collaborative mindset with the ability to work closely with developers, ISSOs, security engineers, architects, and other stakeholders involved in solution delivery
Tech Stack
- Angular
- AWS
- Docker
- Java
- Kubernetes
- Microservices
- Python
- Spring
- Spring Boot
- SpringBoot
Benefits
- U.S. Citizenship is required
- Candidate must be able to obtain CBP Public Trust clearance