Responsibilities:
Contribute to the implementation of Shift Left security practices within the organization, integrating security into the earliest stages of the development lifecycle. Collaborate with development teams to embed security controls, such as code scanning, vulnerability assessment, and secure coding practices, into CI/CD pipelines and IaC workflows.
Conduct security assessments of Infrastructure as Code (IaC) templates and configurations to identify vulnerabilities, misconfigurations, and security risks. Perform static code analysis and automated security scans to identify and remediate security issues early in the development process.
Implement security controls and measures within IaC scripts and configurations to protect cloud resources. Embed security best practices, such as IAM policies, encryption, network security rules, and access controls, directly into IaC templates and deployment pipelines.
Monitor IaC deployments for security incidents and respond promptly to security alerts and breaches. Develop incident response procedures specific to IaC environments and coordinate response efforts with development and operations teams.
Develop and implement automation solutions for security tasks and processes within IaC pipelines. Utilize tools and frameworks such as Terraform, AWS CloudFormation, or Azure Resource Manager to automate security controls deployment, configuration management, and compliance checks within IaC workflows.
Ensure that IaC templates and deployments comply with relevant regulatory requirements, industry standards, and organizational policies.
Collaborate with compliance teams to conduct audits, assessments, and reviews specific to IaC security.
Provide security awareness training and guidance to development and DevOps teams on integrating security into the development process and IaC workflows. Educate teams on secure coding practices, security controls implementation, and compliance requirements for IaC environments.
Maintain accurate documentation of security configurations, policies, procedures, and incident response activities related to development environments and IaC deployments. Generate reports on Shift Left security and IaC security metrics, compliance status, and incident trends for management and stakeholders.
JOB REQUIREMENTS
Bachelor’s or master’s degree in computer science, Software Engineering, or a related field.
Minimum of 2 to 3 years of professional experience in Cloud Security Engineering with a strong focus on IAC, shift left and incident response
Strong understanding of cloud computing concepts and architectures, with experience working with both Azure and AWS cloud platforms.
Solid understanding of infrastructure as code principles and practical experience
Excellent communication skills with the ability to effectively collaborate with cross-functional teams and stakeholders
Strong troubleshooting and problem-solving skills with the ability to debug complex issues in a distributed environment.
Familiarity with CI/CD concepts and experience with tools like Jenkins, GitLab CI/CD, or AWS CodePipeline
Knowledge of security principles, practices, and technologies, including network security, encryption, identity, access management (IAM), and security monitoring
Proficiency in security monitoring and incident response tools and technologies, such as SIEM, IDS/IPS, and endpoint detection and response (EDR) solutions.
Experience implementing and managing security controls in cloud environments, including IAM policies, firewall rules, encryption keys, and security groups.
AWS certifications such as AWS Certified Cloud Practitioner, AWS Certified Security Specialty, and AWS Certified Solutions Architect.
Azure certifications such as Azure Security Associate, Azure Cybersecurity Architect Expert
Click Here To Apply