Key skills
PythonJavaGoDevSecOpsAWSTerraformContainerizationContainer orchestrationSASTOpen-source dependency scanner toolsApplication securitySecurity complianceSecurity controlsSecurity investigationsAIBedrockRisk ManagementCommunication
About this role
Slalom is a purpose-led, global business and technology consulting company. They are seeking a Cyber Security Engineer to design, implement, and optimize security solutions while collaborating with development and operations teams to integrate security into application processes.
Responsibilities:
- Apply software engineering principles to design, implement, configure, and optimize security solutions, automation, DevSecOps processes, and COTS products
- Serve as subject matter expert collaborating with development, operations, and security teams to integrate security services into application development and deployment processes
- Identify and execute automation opportunities for processes and activities within the team
- Support security investigations through data analysis and information gathering
- Establish and maintain security controls and compliance measures, ensuring alignment with industry regulations and organizational policies
- Create and maintain documentation, guidelines, and training materials for security solutions, processes, and best practices
- Review application code for security compliance, and vulnerabilities using hands-on expertise
- Actively seek to remove barriers and improve security across the program
- Balance security requirements with operational efficiency and business needs
Requirements:
- Bachelor's degree in a related field, or commensurate specialized training, certification, or work experience
- 7+ years of work experience with minimum 5 years in cloud solutions engineering, development, and deployment including application security
- 7+ years of experience in an object-oriented language (Python, Java, or Go preferably)
- Strong working experience in a DevSecOps software development environment
- Expert understanding of cloud computing concepts, platforms, and services, particularly AWS
- Experience deploying solutions to AWS including use of Terraform
- In-depth knowledge of containerization, container orchestration technologies, security best practices, compliance requirements, and risk management
- Extensive experience reviewing application code for security vulnerabilities
- Direct, hands-on experience with SAST and open-source dependency scanner tools
- Strong ability to work collaboratively with teams and stakeholders
- Excellent verbal and written communication skills
- Working knowledge of AI systems like Bedrock