We are setting up a new DevOps team to work on a Cloud-Native
initiative for phoenixNAP, a CCBill integration partner. The team
will use the latest technologies, frameworks, and approaches that
merge development with operations to create the next generation
platform for our customers that will allow them to run scalable
applications in modern and dynamic environments including public,
private, and hybrid clouds.
The Information Security Engineer is responsible for providing technical expertise related to infrastructure and software security design, implementation, and support of a new product set for the company. He/she will help contribute to automation-first DevOps teams to increase our efficiencies, ability to scale and reduce our time to market using automation and infrastructure as code (IaC).
He/she will be responsible for researching and developing new tools and processes for overseeing internal and external vulnerability and penetration tests as well as maintaining positive security and compliance posture for our products. The DevOps Information Security Engineer will interact with traditional information security teams to ensure the company maintains standards across the software and infrastructure of various product lines.
- Provide analytical and technical security recommendations to
other team members, oversight boards, and clients. Identify
requirements, based on needs or resulting from a security issue
that puts the organization’s systems at risk.
- Perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social engineering assessments.
- Meet with clients and management to help specify and negotiate application security requirements, review current policies and procedures for applicability, maintain system OS security patch levels, and ensure the safe transition of applications to production.
- Develop technology to automate security monitoring.
- Recommend effective security configurations and architecture to active members in technical workgroups.
- Liaise with the Enterprise Architect, Network Engineering, and Enterprise Management Teams to effectively communicate and architect security solutions.
- Develop documentation to support ongoing security systems operations, maintenance, and specific problem resolution.
- Work and coordinate with traditional information security teams to share ideas with the goal of maintaining -proper company-wide security standardization.
- Provide risk analysis for product features and architecture decisions.