The Prüm framework enables automated cross-border exchange of DNA, fingerprint, and vehicle registration data among EU Member States for the purpose of law enforcement and crime investigation. We are urgently looking for a Tester in the context of this EU's Prüm framework, to work for a client project in Strasbourg. Location: 60% on-site work in Strasbourg and 40% remote (or 50% on-site and 50% remote). Start date: Immediately Duration: 1 year; possible extensions Preliminary Requirements: Candidate should be citizen of member states of the European Union (EU nationality), and should be able to get their criminal record. Role: Responsible for defining and executing the testing strategy, participating as well in the development phase. Key Responsibilities: Experience in planning, analysing design and implementation of test cases. Design and develop automated testing scripts (functional, integration, and performance). Create and maintain test cases for: Kafka message processing, RESTful API validation, Full end-to-end system workflows. Conduct load, stress, and scalability tests in a cloud environment. Support corrective testing by identifying and resolving critical defects. Contribute to the generation of synthetic training datasets for testing. Contribute to development efforts. Desired Technologies & Skills: University degree (master or equivalent) in Computer Science/Security Developer-focused profile over tester Knowledge of OpenShift and microservices Languages: Java (Spring Boot) 17,21. APIs: RESTful APIs, OpenAPI/Swagger, JSON Schema, gRPC. Testing Frameworks: JUnit, Kreya, SOAP UI, Gatling. Kafka: Apache Kafka, Kafka Streams, Avro, Confluent. CI/CD Automation: GitLab CI, Jenkins, or Argo CD. Cloud Environments: Kubernetes (GKE, AKS, EKS). Other Tools: REST-assured, Docker, synthetic data tools (Faker, Mockaroo). Very good English speaking & writing skills. Experience and willingness of working in an international/multicultural environment. infeurope is a Luxembourg-based IT service provider, designing, developing and managing multilingual information and documentary systems in many application areas and business sectors. For more than 40 years we have delivered IT systems and solutions.
27/06/2025
Project-based
The Prüm framework enables automated cross-border exchange of DNA, fingerprint, and vehicle registration data among EU Member States for the purpose of law enforcement and crime investigation. We are urgently looking for a Tester in the context of this EU's Prüm framework, to work for a client project in Strasbourg. Location: 60% on-site work in Strasbourg and 40% remote (or 50% on-site and 50% remote). Start date: Immediately Duration: 1 year; possible extensions Preliminary Requirements: Candidate should be citizen of member states of the European Union (EU nationality), and should be able to get their criminal record. Role: Responsible for defining and executing the testing strategy, participating as well in the development phase. Key Responsibilities: Experience in planning, analysing design and implementation of test cases. Design and develop automated testing scripts (functional, integration, and performance). Create and maintain test cases for: Kafka message processing, RESTful API validation, Full end-to-end system workflows. Conduct load, stress, and scalability tests in a cloud environment. Support corrective testing by identifying and resolving critical defects. Contribute to the generation of synthetic training datasets for testing. Contribute to development efforts. Desired Technologies & Skills: University degree (master or equivalent) in Computer Science/Security Developer-focused profile over tester Knowledge of OpenShift and microservices Languages: Java (Spring Boot) 17,21. APIs: RESTful APIs, OpenAPI/Swagger, JSON Schema, gRPC. Testing Frameworks: JUnit, Kreya, SOAP UI, Gatling. Kafka: Apache Kafka, Kafka Streams, Avro, Confluent. CI/CD Automation: GitLab CI, Jenkins, or Argo CD. Cloud Environments: Kubernetes (GKE, AKS, EKS). Other Tools: REST-assured, Docker, synthetic data tools (Faker, Mockaroo). Very good English speaking & writing skills. Experience and willingness of working in an international/multicultural environment. infeurope is a Luxembourg-based IT service provider, designing, developing and managing multilingual information and documentary systems in many application areas and business sectors. For more than 40 years we have delivered IT systems and solutions.
Request Technology - Robyn Honquest
San Francisco, California
NO SPONSORSHIP EXPERTY CYBER DEFENSE ENGINEER SALARY:$200k - $250k plus 20% bonus LOCATION: REMOTE EXCEPT AK, ND, NE, HI, OK, VT, ME, WY, NH, PUERTO RICO EXPERTY CYBER DEFENSE ENGINEER - Python Automation, Detection engineering, Detecting malicious use of PowerShell Scripting, XSOAR platforms. They run a hybrid environment (azure and on-premise) so knowledge of cloud. Writing analytics to detect malicious activity in the cloud. Log data The second interview is a technical skills assessment where you will troubleshoot some code and discuss specific applications of detection engineering. I am looking for a combination engineer/developer and a SOC/SOAR engineer. Python Scripting, not application development. Heavy automation, Security detection, investigations, log analysis, managing the platform with Spunk, VMWares, CrowdStrike, cyber tools,etc. Must be willing to do on-call rotation every 8 weeks AI/ML is a plus Dashboarding is a plus Heavy Splunk is nice to have but will look at others Job Description We are seeking an experienced Cybersecurity Defense Engineer to join the cybersecurity engineering team. You will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. Qualifications Bachelors degree. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Significant experience using Python for task automation, procedure orchestration, and capability development. Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment.
27/06/2025
Full time
NO SPONSORSHIP EXPERTY CYBER DEFENSE ENGINEER SALARY:$200k - $250k plus 20% bonus LOCATION: REMOTE EXCEPT AK, ND, NE, HI, OK, VT, ME, WY, NH, PUERTO RICO EXPERTY CYBER DEFENSE ENGINEER - Python Automation, Detection engineering, Detecting malicious use of PowerShell Scripting, XSOAR platforms. They run a hybrid environment (azure and on-premise) so knowledge of cloud. Writing analytics to detect malicious activity in the cloud. Log data The second interview is a technical skills assessment where you will troubleshoot some code and discuss specific applications of detection engineering. I am looking for a combination engineer/developer and a SOC/SOAR engineer. Python Scripting, not application development. Heavy automation, Security detection, investigations, log analysis, managing the platform with Spunk, VMWares, CrowdStrike, cyber tools,etc. Must be willing to do on-call rotation every 8 weeks AI/ML is a plus Dashboarding is a plus Heavy Splunk is nice to have but will look at others Job Description We are seeking an experienced Cybersecurity Defense Engineer to join the cybersecurity engineering team. You will architect, develop, and implement advanced technical solutions that empower our cyber defense investigations and incident response teams. You will work independently and in teams to design and implement effective and sustainable capabilities to detect and prevent cyber-attacks, optimize our incident response processes, and enhance the effectiveness of mitigation, containment, and recovery. Qualifications Bachelors degree. Relevant experience and relevant experience within the military is acceptable in lieu of a degree. 8+ years of experience in one or more of the following areas: cybersecurity engineering, detection engineering, incident response, or a similar role, with a proven track record of independent problem solving in high-stakes environments. Significant experience using Python for task automation, procedure orchestration, and capability development. Hands-on experience deploying and configuring security platforms, such as SIEM, SOAR, EDR, NGFW, and network monitoring tools. Experience integrating cyber defense tools and utilizing APIs for process orchestration and task automation. Experience building and deploying threat defense (SIEM) analytics using a detection engineering pipeline. Strong analytical skills with a keen attention to detail. Strong technical writing skills including documentation development, process mapping, and visualization, with the ability to translate complex technical concepts for a variety of technical audiences. Proven ability to work autonomously, lead projects from conception to implementation, and overcome roadblocks in a highly collaborative environment.
Full Stack Developer - Python/React Remote/Contract - must be EU based 6-12 month contract We are seeking an experienced Full Stack Developer with strong expertise in Python, FastAPI, Docker , and PostgreSQL , complemented by Front End skills in ReactJS . This is a long-term contract opportunity to work on high-performance, scalable applications within a modern cloud-based tech stack. Key Requirements Backend Development (Python/FastAPI): 8-14 years of hands-on software development experience Expertise in Python web application development Strong background in API development, service architecture, and controllers Proficient with FastAPI , SQLAlchemy , and database integration (PostgreSQL preferred) Solid understanding of core Python , data structures, and algorithms Comfort with space/time complexity and optimization Front End Development (ReactJS): Skilled in ReactJS , TypeScript , JavaScript , HTML/CSS Experience with React Query , Redux , NodeJS , or similar frameworks Familiarity with Material UI , cross-browser compatibility , and responsive design Testing experience using Jest , Cypress , or related tools Strong understanding of browser rendering behavior and performance tuning DevOps & Infrastructure: Familiar with Docker and containerization best practices Experience working with AWS environments Competent with CI/CD pipelines and automation tools Strong focus on unit testing and test-driven development Bonus Skills Experience with NoSQL databases Prior exposure to microservices architecture Familiarity with Agile/Scrum workflows
27/06/2025
Project-based
Full Stack Developer - Python/React Remote/Contract - must be EU based 6-12 month contract We are seeking an experienced Full Stack Developer with strong expertise in Python, FastAPI, Docker , and PostgreSQL , complemented by Front End skills in ReactJS . This is a long-term contract opportunity to work on high-performance, scalable applications within a modern cloud-based tech stack. Key Requirements Backend Development (Python/FastAPI): 8-14 years of hands-on software development experience Expertise in Python web application development Strong background in API development, service architecture, and controllers Proficient with FastAPI , SQLAlchemy , and database integration (PostgreSQL preferred) Solid understanding of core Python , data structures, and algorithms Comfort with space/time complexity and optimization Front End Development (ReactJS): Skilled in ReactJS , TypeScript , JavaScript , HTML/CSS Experience with React Query , Redux , NodeJS , or similar frameworks Familiarity with Material UI , cross-browser compatibility , and responsive design Testing experience using Jest , Cypress , or related tools Strong understanding of browser rendering behavior and performance tuning DevOps & Infrastructure: Familiar with Docker and containerization best practices Experience working with AWS environments Competent with CI/CD pipelines and automation tools Strong focus on unit testing and test-driven development Bonus Skills Experience with NoSQL databases Prior exposure to microservices architecture Familiarity with Agile/Scrum workflows
Job Title: Blue Prism Developer Location: Bristol (Remote) Salary/Rate: £300-£330 per day Inside IR35 Start Date: 07/07/2025 Job Type: Contract Introduction: An excellent opportunity is available for an experienced Blue Prism Developer to join a dynamic delivery team on a 10-month contract basis. This hybrid role offers mostly remote work, with occasional travel to the Bristol office. Job Responsibilities/Objectives: * As a Blue Prism Developer, you will be responsible for building, testing, and deploying automated solutions to improve business process efficiency. * Develop and implement RPA solutions using Blue Prism. * Gather and interpret technical requirements from stakeholders to deliver robust automation. * Maintain coding standards, development documentation, and best practices. * Work within Agile/SCRUM methodologies to deliver project milestones. * Mentor junior developers and participate in quality assurance reviews. * Identify and communicate project risks and technical issues effectively. Required Skills/Experience: * Proven experience developing with Blue Prism and object-oriented programming. * Strong understanding of automation project life cycles and business process design. * Familiarity with Agile frameworks and tools such as GIT, JIRA, and ServiceNow. * Knowledge of relational databases and communication protocols (eg JMS, HTTP, SOAP, XML, XSD). Desirable Skills/Experience: * Working in cloud environments, particularly Azure. * Using Microsoft Power Automate for workflow automation. * Integration with platforms like Gov.Notify. * Additional technical skills in SQL, JavaScript, React, or Angular. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
27/06/2025
Project-based
Job Title: Blue Prism Developer Location: Bristol (Remote) Salary/Rate: £300-£330 per day Inside IR35 Start Date: 07/07/2025 Job Type: Contract Introduction: An excellent opportunity is available for an experienced Blue Prism Developer to join a dynamic delivery team on a 10-month contract basis. This hybrid role offers mostly remote work, with occasional travel to the Bristol office. Job Responsibilities/Objectives: * As a Blue Prism Developer, you will be responsible for building, testing, and deploying automated solutions to improve business process efficiency. * Develop and implement RPA solutions using Blue Prism. * Gather and interpret technical requirements from stakeholders to deliver robust automation. * Maintain coding standards, development documentation, and best practices. * Work within Agile/SCRUM methodologies to deliver project milestones. * Mentor junior developers and participate in quality assurance reviews. * Identify and communicate project risks and technical issues effectively. Required Skills/Experience: * Proven experience developing with Blue Prism and object-oriented programming. * Strong understanding of automation project life cycles and business process design. * Familiarity with Agile frameworks and tools such as GIT, JIRA, and ServiceNow. * Knowledge of relational databases and communication protocols (eg JMS, HTTP, SOAP, XML, XSD). Desirable Skills/Experience: * Working in cloud environments, particularly Azure. * Using Microsoft Power Automate for workflow automation. * Integration with platforms like Gov.Notify. * Additional technical skills in SQL, JavaScript, React, or Angular. If you are interested in this opportunity, please apply now with your updated CV in Microsoft Word/PDF format. Disclaimer Notwithstanding any guidelines given to level of experience sought, we will consider candidates from outside this range if they can demonstrate the necessary competencies. Square One is acting as both an employment agency and an employment business, and is an equal opportunities recruitment business. Square One embraces diversity and will treat everyone equally. Please see our website for our full diversity statement.
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior IBM MQ Middleware Engineer. Candidate will be responsible for the end-to-end administration, maintenance, and support of our critical IBM MQ messaging infrastructure. This role involves ensuring the reliability, availability, performance, and security of the MQ environment, supporting business applications, and actively participating in strategic initiatives such as cloud migration, containerization, and system modernization. Responsibilities: Install, configure, and maintain IBM MQ software (Queue Managers, Clients) on RHEL. Perform version upgrades, apply fix packs, and manage patching cycles according to best practices and security requirements. Configure MQ objects, including Queue Managers, Queues (Local, Remote, Alias, Model), Channels, Listeners, Clusters, Topics, and Subscriptions. Monitor MQ system performance metrics, message throughput, and latency. Identify performance bottlenecks and implement tuning adjustments at the Queue Manager, channel, and queue levels. Analyze MQ logs and trace data to optimize configurations. Provide expert-level troubleshooting for MQ-related issues, including connectivity problems, message delivery failures, security errors, and performance degradation. Act as a primary point of contact for application teams regarding MQ connectivity and messaging issues. Respond to incidents, diagnose root causes, and implement corrective actions, participating in on-call rotation if applicable. Monitor resource utilization (CPU, memory, disk space, message depths) and forecast future capacity needs. Design and implement scalable MQ solutions, including clustering and distributed queuing, to meet growing business demands. Develop, implement, test, and maintain disaster recovery (DR) procedures for the MQ environment. Configure and manage high availability (HA) solutions, potentially including multi-instance Queue Managers or clustering. Participate in regular DR testing exercises. Implement and manage MQ security configurations, including TLS/SSL for channels, Channel Authentication Rules (CHLAUTH), and Object Authority Manager (OAM). Work with security teams to ensure compliance with security policies and standards. Manage certificates and keystores for secure communication. Interface with IBM support (raising PMRs/Cases) for problem resolution, technical guidance, and product information. Stay informed about IBM MQ product roadmaps, new features, and end-of-support timelines. Participate in the planning, design, and execution of migrating IBM MQ workloads to AWS. Contribute to initiatives involving the deployment and management of IBM MQ in containerized environments (eg, Docker, Kubernetes, OpenShift), utilizing MQ container images and operators. Actively participate in infrastructure modernization projects related to messaging. Develop and maintain scripts (eg, Shell, Python, Perl) or utilize automation tools (eg, Ansible) to streamline routine MQ administration tasks, deployments, and configuration management. Create and maintain comprehensive documentation for MQ architecture, configurations, standards, and operational procedures. Collaborate effectively with application developers, system administrators, network engineers, database administrators, and project managers. Qualifications: Strong understanding of core IBM MQ concepts (Queue Managers, Queues, Channels, Clustering, Publish/Subscribe, Security). Proficiency in administering IBM MQ on [Specify primary OS, eg, Linux, Windows]. Proven troubleshooting skills in diagnosing and resolving complex MQ issues. Experience with Scripting languages (eg, Bash, Python, Perl) for automation. Understanding of networking concepts (TCP/IP, DNS, Firewalls, load balancers) as they relate to MQ. Excellent communication and interpersonal skills. Ability to work independently and as part of a collaborative team. Experience with IBM MQ on RHEL and containers in cloud. Experience with advanced MQ features like MQ Appliances, Advanced Message Security (AMS), Managed File Transfer (MFT). Experience migrating or managing IBM MQ in AWS. Hands-on experience with containerization technologies (Docker, Kubernetes, OpenShift) and managing MQ in containers. Experience with infrastructure-as-code (IaC) tools like Ansible or Terraform. Experience with enterprise monitoring tools (eg, Instana, Dynatrace, Splunk, Nagios, Prometheus). Familiarity with other messaging technologies like Kafka. Experience working in Agile/DevOps environments. IBM MQ, Ansible, Terraform, Bash, Docker Kubernetes, Rancher, GitHub, Artifactory, Harness, Jenkins, AWS, Azure, CI/CD, IaC, Automated Cloud Provisioning Education and/or Experience: Bachelor's degree in Computer Science, Information Technology, or a related field, OR equivalent practical experience. 10+ years of hands-on experience administering IBM MQ in a complex enterprise environment. Certificates or Licenses: AWS Solutions Architect, CKAD or CKA certifications preferred.
26/06/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior IBM MQ Middleware Engineer. Candidate will be responsible for the end-to-end administration, maintenance, and support of our critical IBM MQ messaging infrastructure. This role involves ensuring the reliability, availability, performance, and security of the MQ environment, supporting business applications, and actively participating in strategic initiatives such as cloud migration, containerization, and system modernization. Responsibilities: Install, configure, and maintain IBM MQ software (Queue Managers, Clients) on RHEL. Perform version upgrades, apply fix packs, and manage patching cycles according to best practices and security requirements. Configure MQ objects, including Queue Managers, Queues (Local, Remote, Alias, Model), Channels, Listeners, Clusters, Topics, and Subscriptions. Monitor MQ system performance metrics, message throughput, and latency. Identify performance bottlenecks and implement tuning adjustments at the Queue Manager, channel, and queue levels. Analyze MQ logs and trace data to optimize configurations. Provide expert-level troubleshooting for MQ-related issues, including connectivity problems, message delivery failures, security errors, and performance degradation. Act as a primary point of contact for application teams regarding MQ connectivity and messaging issues. Respond to incidents, diagnose root causes, and implement corrective actions, participating in on-call rotation if applicable. Monitor resource utilization (CPU, memory, disk space, message depths) and forecast future capacity needs. Design and implement scalable MQ solutions, including clustering and distributed queuing, to meet growing business demands. Develop, implement, test, and maintain disaster recovery (DR) procedures for the MQ environment. Configure and manage high availability (HA) solutions, potentially including multi-instance Queue Managers or clustering. Participate in regular DR testing exercises. Implement and manage MQ security configurations, including TLS/SSL for channels, Channel Authentication Rules (CHLAUTH), and Object Authority Manager (OAM). Work with security teams to ensure compliance with security policies and standards. Manage certificates and keystores for secure communication. Interface with IBM support (raising PMRs/Cases) for problem resolution, technical guidance, and product information. Stay informed about IBM MQ product roadmaps, new features, and end-of-support timelines. Participate in the planning, design, and execution of migrating IBM MQ workloads to AWS. Contribute to initiatives involving the deployment and management of IBM MQ in containerized environments (eg, Docker, Kubernetes, OpenShift), utilizing MQ container images and operators. Actively participate in infrastructure modernization projects related to messaging. Develop and maintain scripts (eg, Shell, Python, Perl) or utilize automation tools (eg, Ansible) to streamline routine MQ administration tasks, deployments, and configuration management. Create and maintain comprehensive documentation for MQ architecture, configurations, standards, and operational procedures. Collaborate effectively with application developers, system administrators, network engineers, database administrators, and project managers. Qualifications: Strong understanding of core IBM MQ concepts (Queue Managers, Queues, Channels, Clustering, Publish/Subscribe, Security). Proficiency in administering IBM MQ on [Specify primary OS, eg, Linux, Windows]. Proven troubleshooting skills in diagnosing and resolving complex MQ issues. Experience with Scripting languages (eg, Bash, Python, Perl) for automation. Understanding of networking concepts (TCP/IP, DNS, Firewalls, load balancers) as they relate to MQ. Excellent communication and interpersonal skills. Ability to work independently and as part of a collaborative team. Experience with IBM MQ on RHEL and containers in cloud. Experience with advanced MQ features like MQ Appliances, Advanced Message Security (AMS), Managed File Transfer (MFT). Experience migrating or managing IBM MQ in AWS. Hands-on experience with containerization technologies (Docker, Kubernetes, OpenShift) and managing MQ in containers. Experience with infrastructure-as-code (IaC) tools like Ansible or Terraform. Experience with enterprise monitoring tools (eg, Instana, Dynatrace, Splunk, Nagios, Prometheus). Familiarity with other messaging technologies like Kafka. Experience working in Agile/DevOps environments. IBM MQ, Ansible, Terraform, Bash, Docker Kubernetes, Rancher, GitHub, Artifactory, Harness, Jenkins, AWS, Azure, CI/CD, IaC, Automated Cloud Provisioning Education and/or Experience: Bachelor's degree in Computer Science, Information Technology, or a related field, OR equivalent practical experience. 10+ years of hands-on experience administering IBM MQ in a complex enterprise environment. Certificates or Licenses: AWS Solutions Architect, CKAD or CKA certifications preferred.
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior IBM MQ Middleware Engineer. Candidate will be responsible for the end-to-end administration, maintenance, and support of our critical IBM MQ messaging infrastructure. This role involves ensuring the reliability, availability, performance, and security of the MQ environment, supporting business applications, and actively participating in strategic initiatives such as cloud migration, containerization, and system modernization. Responsibilities: Install, configure, and maintain IBM MQ software (Queue Managers, Clients) on RHEL. Perform version upgrades, apply fix packs, and manage patching cycles according to best practices and security requirements. Configure MQ objects, including Queue Managers, Queues (Local, Remote, Alias, Model), Channels, Listeners, Clusters, Topics, and Subscriptions. Monitor MQ system performance metrics, message throughput, and latency. Identify performance bottlenecks and implement tuning adjustments at the Queue Manager, channel, and queue levels. Analyze MQ logs and trace data to optimize configurations. Provide expert-level troubleshooting for MQ-related issues, including connectivity problems, message delivery failures, security errors, and performance degradation. Act as a primary point of contact for application teams regarding MQ connectivity and messaging issues. Respond to incidents, diagnose root causes, and implement corrective actions, participating in on-call rotation if applicable. Monitor resource utilization (CPU, memory, disk space, message depths) and forecast future capacity needs. Design and implement scalable MQ solutions, including clustering and distributed queuing, to meet growing business demands. Develop, implement, test, and maintain disaster recovery (DR) procedures for the MQ environment. Configure and manage high availability (HA) solutions, potentially including multi-instance Queue Managers or clustering. Participate in regular DR testing exercises. Implement and manage MQ security configurations, including TLS/SSL for channels, Channel Authentication Rules (CHLAUTH), and Object Authority Manager (OAM). Work with security teams to ensure compliance with security policies and standards. Manage certificates and keystores for secure communication. Interface with IBM support (raising PMRs/Cases) for problem resolution, technical guidance, and product information. Stay informed about IBM MQ product roadmaps, new features, and end-of-support timelines. Participate in the planning, design, and execution of migrating IBM MQ workloads to AWS. Contribute to initiatives involving the deployment and management of IBM MQ in containerized environments (eg, Docker, Kubernetes, OpenShift), utilizing MQ container images and operators. Actively participate in infrastructure modernization projects related to messaging. Develop and maintain scripts (eg, Shell, Python, Perl) or utilize automation tools (eg, Ansible) to streamline routine MQ administration tasks, deployments, and configuration management. Create and maintain comprehensive documentation for MQ architecture, configurations, standards, and operational procedures. Collaborate effectively with application developers, system administrators, network engineers, database administrators, and project managers. Qualifications: Strong understanding of core IBM MQ concepts (Queue Managers, Queues, Channels, Clustering, Publish/Subscribe, Security). Proficiency in administering IBM MQ on [Specify primary OS, eg, Linux, Windows]. Proven troubleshooting skills in diagnosing and resolving complex MQ issues. Experience with Scripting languages (eg, Bash, Python, Perl) for automation. Understanding of networking concepts (TCP/IP, DNS, Firewalls, load balancers) as they relate to MQ. Excellent communication and interpersonal skills. Ability to work independently and as part of a collaborative team. Experience with IBM MQ on RHEL and containers in cloud. Experience with advanced MQ features like MQ Appliances, Advanced Message Security (AMS), Managed File Transfer (MFT). Experience migrating or managing IBM MQ in AWS. Hands-on experience with containerization technologies (Docker, Kubernetes, OpenShift) and managing MQ in containers. Experience with infrastructure-as-code (IaC) tools like Ansible or Terraform. Experience with enterprise monitoring tools (eg, Instana, Dynatrace, Splunk, Nagios, Prometheus). Familiarity with other messaging technologies like Kafka. Experience working in Agile/DevOps environments. IBM MQ, Ansible, Terraform, Bash, Docker Kubernetes, Rancher, GitHub, Artifactory, Harness, Jenkins, AWS, Azure, CI/CD, IaC, Automated Cloud Provisioning Education and/or Experience: Bachelor's degree in Computer Science, Information Technology, or a related field, OR equivalent practical experience. 10+ years of hands-on experience administering IBM MQ in a complex enterprise environment. Certificates or Licenses: AWS Solutions Architect, CKAD or CKA certifications preferred.
26/06/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior IBM MQ Middleware Engineer. Candidate will be responsible for the end-to-end administration, maintenance, and support of our critical IBM MQ messaging infrastructure. This role involves ensuring the reliability, availability, performance, and security of the MQ environment, supporting business applications, and actively participating in strategic initiatives such as cloud migration, containerization, and system modernization. Responsibilities: Install, configure, and maintain IBM MQ software (Queue Managers, Clients) on RHEL. Perform version upgrades, apply fix packs, and manage patching cycles according to best practices and security requirements. Configure MQ objects, including Queue Managers, Queues (Local, Remote, Alias, Model), Channels, Listeners, Clusters, Topics, and Subscriptions. Monitor MQ system performance metrics, message throughput, and latency. Identify performance bottlenecks and implement tuning adjustments at the Queue Manager, channel, and queue levels. Analyze MQ logs and trace data to optimize configurations. Provide expert-level troubleshooting for MQ-related issues, including connectivity problems, message delivery failures, security errors, and performance degradation. Act as a primary point of contact for application teams regarding MQ connectivity and messaging issues. Respond to incidents, diagnose root causes, and implement corrective actions, participating in on-call rotation if applicable. Monitor resource utilization (CPU, memory, disk space, message depths) and forecast future capacity needs. Design and implement scalable MQ solutions, including clustering and distributed queuing, to meet growing business demands. Develop, implement, test, and maintain disaster recovery (DR) procedures for the MQ environment. Configure and manage high availability (HA) solutions, potentially including multi-instance Queue Managers or clustering. Participate in regular DR testing exercises. Implement and manage MQ security configurations, including TLS/SSL for channels, Channel Authentication Rules (CHLAUTH), and Object Authority Manager (OAM). Work with security teams to ensure compliance with security policies and standards. Manage certificates and keystores for secure communication. Interface with IBM support (raising PMRs/Cases) for problem resolution, technical guidance, and product information. Stay informed about IBM MQ product roadmaps, new features, and end-of-support timelines. Participate in the planning, design, and execution of migrating IBM MQ workloads to AWS. Contribute to initiatives involving the deployment and management of IBM MQ in containerized environments (eg, Docker, Kubernetes, OpenShift), utilizing MQ container images and operators. Actively participate in infrastructure modernization projects related to messaging. Develop and maintain scripts (eg, Shell, Python, Perl) or utilize automation tools (eg, Ansible) to streamline routine MQ administration tasks, deployments, and configuration management. Create and maintain comprehensive documentation for MQ architecture, configurations, standards, and operational procedures. Collaborate effectively with application developers, system administrators, network engineers, database administrators, and project managers. Qualifications: Strong understanding of core IBM MQ concepts (Queue Managers, Queues, Channels, Clustering, Publish/Subscribe, Security). Proficiency in administering IBM MQ on [Specify primary OS, eg, Linux, Windows]. Proven troubleshooting skills in diagnosing and resolving complex MQ issues. Experience with Scripting languages (eg, Bash, Python, Perl) for automation. Understanding of networking concepts (TCP/IP, DNS, Firewalls, load balancers) as they relate to MQ. Excellent communication and interpersonal skills. Ability to work independently and as part of a collaborative team. Experience with IBM MQ on RHEL and containers in cloud. Experience with advanced MQ features like MQ Appliances, Advanced Message Security (AMS), Managed File Transfer (MFT). Experience migrating or managing IBM MQ in AWS. Hands-on experience with containerization technologies (Docker, Kubernetes, OpenShift) and managing MQ in containers. Experience with infrastructure-as-code (IaC) tools like Ansible or Terraform. Experience with enterprise monitoring tools (eg, Instana, Dynatrace, Splunk, Nagios, Prometheus). Familiarity with other messaging technologies like Kafka. Experience working in Agile/DevOps environments. IBM MQ, Ansible, Terraform, Bash, Docker Kubernetes, Rancher, GitHub, Artifactory, Harness, Jenkins, AWS, Azure, CI/CD, IaC, Automated Cloud Provisioning Education and/or Experience: Bachelor's degree in Computer Science, Information Technology, or a related field, OR equivalent practical experience. 10+ years of hands-on experience administering IBM MQ in a complex enterprise environment. Certificates or Licenses: AWS Solutions Architect, CKAD or CKA certifications preferred.
NO SPONSORSHIP Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On Site 3 days a week Looking for an Application security, web applications, network applications engineer. You will also create custom scripts and perform automation while also performing security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts.
25/06/2025
Full time
NO SPONSORSHIP Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On Site 3 days a week Looking for an Application security, web applications, network applications engineer. You will also create custom scripts and perform automation while also performing security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts.
Guidewire Developer - Certified Location London Salary: £80,000 - £90,000 per annum + 20% Bonus Type: Permanent, Hybrid (2 days in London) About the Role: An ACE Certified Guidewire Developer with experience with Guidewire for claims, and ClaimCenter configurations is required for a leading insurance organisation in London. The business is currently in the process of migrating to Guidewire and would be looking for a developer to lead them through the migration process and to monitor and configure the platform, as well as architect and design solutions being pioneered within the Guidewire Cloud. This is a brand-new team with lots of scope for development and growth. You should have strong development skills in Java and GOSU as well as stakeholder skills to help the organisation navigate the migration and onboard Guidewire. Key Responsibilities: Leadership : Leading the development, design, architecture, integration, and customisation of Guidewire for the insurer. System Integration : Creating seamless connections between ClaimCenter and other systems, including PAS, document management systems, and external data providers. Platform Monitoring : Determine requirements for specific alerts, set up alerts for various events and thresholds, utilise Datadog logs and dashboards for error analysis, and track DXC downtime while communicating updates to users. Platform Updates : Conduct a 3-way merge of updated code, validate new versions, and implement new features from updates. Stakeholder management : ability to work closely with the business, gathering requirements and work closely with the Scrum and broader software teams. Requirements: ACE Certified in Guidewire Experience onboarding and integrating Guidewire for a specialty insurer Proficiency in coding with GOSU, Java, C#, or Python SQL and other relational database experience, along with supporting database applications CI/CD and DevOps experience for test automation and cloud deployment Why Join this business? Innovative Projects: Be at the forefront of pioneering solutions within the Guidewire Cloud. Working within a small team for specialty insurance. Career Growth: Join a brand-new team with lots of scope for development and growth. Competitive Package: Attractive salary and bonus structure. Apply now for consideration or reach out to (see below)
25/06/2025
Full time
Guidewire Developer - Certified Location London Salary: £80,000 - £90,000 per annum + 20% Bonus Type: Permanent, Hybrid (2 days in London) About the Role: An ACE Certified Guidewire Developer with experience with Guidewire for claims, and ClaimCenter configurations is required for a leading insurance organisation in London. The business is currently in the process of migrating to Guidewire and would be looking for a developer to lead them through the migration process and to monitor and configure the platform, as well as architect and design solutions being pioneered within the Guidewire Cloud. This is a brand-new team with lots of scope for development and growth. You should have strong development skills in Java and GOSU as well as stakeholder skills to help the organisation navigate the migration and onboard Guidewire. Key Responsibilities: Leadership : Leading the development, design, architecture, integration, and customisation of Guidewire for the insurer. System Integration : Creating seamless connections between ClaimCenter and other systems, including PAS, document management systems, and external data providers. Platform Monitoring : Determine requirements for specific alerts, set up alerts for various events and thresholds, utilise Datadog logs and dashboards for error analysis, and track DXC downtime while communicating updates to users. Platform Updates : Conduct a 3-way merge of updated code, validate new versions, and implement new features from updates. Stakeholder management : ability to work closely with the business, gathering requirements and work closely with the Scrum and broader software teams. Requirements: ACE Certified in Guidewire Experience onboarding and integrating Guidewire for a specialty insurer Proficiency in coding with GOSU, Java, C#, or Python SQL and other relational database experience, along with supporting database applications CI/CD and DevOps experience for test automation and cloud deployment Why Join this business? Innovative Projects: Be at the forefront of pioneering solutions within the Guidewire Cloud. Working within a small team for specialty insurance. Career Growth: Join a brand-new team with lots of scope for development and growth. Competitive Package: Attractive salary and bonus structure. Apply now for consideration or reach out to (see below)
We are looking for a PRUM Tester to work for a client project in Strasbourg. Location: 60% on-site work in Strasbourg and 40% remote (or 50% on-site and 50% remote) Start date: Immediately Duration: 1 year; possible extensions Preliminary Requirements: Candidate should be citizen of member states of the European Union (EU nationality), and should be able to get their criminal record. Role: Responsible for defining and executing the testing strategy, participating as well in the development phase. Key Responsibilities: Experience in planning, analysing design and implementation of test cases. Design and develop automated testing scripts (functional, integration, and performance). Create and maintain test cases for: Kafka message processing, RESTful API validation, Full end-to-end system workflows. Conduct load, stress, and scalability tests in a cloud environment. Support corrective testing by identifying and resolving critical defects. Contribute to the generation of synthetic training datasets for testing. Contribute to development efforts. Desired Technologies & Skills: University degree (master or equivalent) in Computer Science/Security Developer-focused profile over tester Knowledge of OpenShift and microservices Languages: Java (Spring Boot) 17,21. APIs: RESTful APIs, OpenAPI/Swagger, JSON Schema, gRPC. Testing Frameworks: JUnit, Kreya, SOAP UI, Gatling. Kafka: Apache Kafka, Kafka Streams, Avro, Confluent. CI/CD Automation: GitLab CI, Jenkins, or Argo CD. Cloud Environments: Kubernetes (GKE, AKS, EKS). Other Tools: REST-assured, Docker, synthetic data tools (Faker, Mockaroo). Very good English speaking & writing skills. Experience and willingness of working in an international/multicultural environment.
25/06/2025
Project-based
We are looking for a PRUM Tester to work for a client project in Strasbourg. Location: 60% on-site work in Strasbourg and 40% remote (or 50% on-site and 50% remote) Start date: Immediately Duration: 1 year; possible extensions Preliminary Requirements: Candidate should be citizen of member states of the European Union (EU nationality), and should be able to get their criminal record. Role: Responsible for defining and executing the testing strategy, participating as well in the development phase. Key Responsibilities: Experience in planning, analysing design and implementation of test cases. Design and develop automated testing scripts (functional, integration, and performance). Create and maintain test cases for: Kafka message processing, RESTful API validation, Full end-to-end system workflows. Conduct load, stress, and scalability tests in a cloud environment. Support corrective testing by identifying and resolving critical defects. Contribute to the generation of synthetic training datasets for testing. Contribute to development efforts. Desired Technologies & Skills: University degree (master or equivalent) in Computer Science/Security Developer-focused profile over tester Knowledge of OpenShift and microservices Languages: Java (Spring Boot) 17,21. APIs: RESTful APIs, OpenAPI/Swagger, JSON Schema, gRPC. Testing Frameworks: JUnit, Kreya, SOAP UI, Gatling. Kafka: Apache Kafka, Kafka Streams, Avro, Confluent. CI/CD Automation: GitLab CI, Jenkins, or Argo CD. Cloud Environments: Kubernetes (GKE, AKS, EKS). Other Tools: REST-assured, Docker, synthetic data tools (Faker, Mockaroo). Very good English speaking & writing skills. Experience and willingness of working in an international/multicultural environment.
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
25/06/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
24/06/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
NO SPONSORSHIP Associate Principal, Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On site 3 days a week Application security, web applications, network applications. This position works closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities include: Candidate would perform Network/Application and Web Application security. Also create custom scripts and perform automation while also perform security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Primary Duties and Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes - designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years' experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
24/06/2025
Full time
NO SPONSORSHIP Associate Principal, Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On site 3 days a week Application security, web applications, network applications. This position works closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities include: Candidate would perform Network/Application and Web Application security. Also create custom scripts and perform automation while also perform security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Primary Duties and Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes - designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years' experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
