Logo
  • Publica Anunt
  • Cauta Joburi
  • En

LoginIntra in cont

Intra in cont
  • Continut personalizat
  • Solutii si produse de recrutare
Log In Ai uitat parola ?
Inregistrare
Cont nou?
Creeaza-ti cont

Intra in cont

Ai uitat parola ?
Cautare avansata Alerte joburi Avanseaza in cariera Joburi Studenti Adauga CV Alege produs de recrutare

Alerte joburi

Anuntul de job nu mai este valabil. Va prezentam mai jos cateva oferte de angajare similare cu anuntul cautat de dvs.

31 joburi disponibile

Seteaza o alerta de joburi
Refine Search
Cautare curenta
controls engineer
Request Technology - Craig Johnson
IAM Business Analyst
Request Technology - Craig Johnson Alpharetta, Georgia
Prestigious Enterprise Company is currently seeking an IAM Business Analyst with SailPoint experience. Candidate will support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. This role requires a seasoned SailPoint BA that will perform comprehensive discovery and classification of all non-person identities in the IAM roadmap. This involves working with stakeholders in various teams (DevOps, Infrastructure & Operations, App Dev) to identify and assign ownership to non-person accounts. Qualifications: Strong experience in business analysis within the IAM domain. Ability to gather and document requirements from stakeholders and translate business needs into functional specifications or process designs. A solid understanding of IAM fundamentals as they apply to both person and non-person accounts is required. Understanding of what non-person identities are and how they are used. Familiarity with the life cycle of accounts. Hands-on experience with IAM tools, such as SailPoint IIQ and CyberArk. The candidate should know how such tools can be configured to manage account certifications, and reporting for accounts. Ability to run reports or configure access review campaigns in these systems is a plus. Proficiency in analysing access data and identity records. Should be comfortable using spreadsheets, databases, or reporting tools to identify patterns. Attention to detail is crucial. Ability to design clear processes and workflows for identity management (eg, a workflow for requesting non-person accounts.) Excellent documentation skills are required to create policies, procedures, standards, and job aids that will be used by technical and non-technical teams. Excellent communication skills, both written and verbal. This role involves liaison between technical teams and business units the BA must be able to articulate the importance of controls to non-technical stakeholders and relay business priorities to technical implementers. Experience running meetings or workshops to discuss requirements or review findings is important. Strong organizational and time-management skills. The role requires managing multiple initiatives simultaneously. The ideal candidate can prioritize tasks, handle project timelines, and work independently with minimal supervision. Required Skills: While this is not a hands-on engineering role, experience with Scripting or basic programming with Python, Java or PowerShell can help in understanding automation of identity tasks. Knowledge of database queries or reporting tools can assist in pulling together identity data. Exposure to cloud environments (Azure, AWS, Oracle, GCP) and their native identity constructs (like AWS IAM roles, Azure service principals, etc.) is a plus.
04/07/2025
Project-based
Prestigious Enterprise Company is currently seeking an IAM Business Analyst with SailPoint experience. Candidate will support the Identity and Access Management service, which seeks to create a delightful access experience that optimizes usability, accountability, and cyber risk exposure. This role requires a seasoned SailPoint BA that will perform comprehensive discovery and classification of all non-person identities in the IAM roadmap. This involves working with stakeholders in various teams (DevOps, Infrastructure & Operations, App Dev) to identify and assign ownership to non-person accounts. Qualifications: Strong experience in business analysis within the IAM domain. Ability to gather and document requirements from stakeholders and translate business needs into functional specifications or process designs. A solid understanding of IAM fundamentals as they apply to both person and non-person accounts is required. Understanding of what non-person identities are and how they are used. Familiarity with the life cycle of accounts. Hands-on experience with IAM tools, such as SailPoint IIQ and CyberArk. The candidate should know how such tools can be configured to manage account certifications, and reporting for accounts. Ability to run reports or configure access review campaigns in these systems is a plus. Proficiency in analysing access data and identity records. Should be comfortable using spreadsheets, databases, or reporting tools to identify patterns. Attention to detail is crucial. Ability to design clear processes and workflows for identity management (eg, a workflow for requesting non-person accounts.) Excellent documentation skills are required to create policies, procedures, standards, and job aids that will be used by technical and non-technical teams. Excellent communication skills, both written and verbal. This role involves liaison between technical teams and business units the BA must be able to articulate the importance of controls to non-technical stakeholders and relay business priorities to technical implementers. Experience running meetings or workshops to discuss requirements or review findings is important. Strong organizational and time-management skills. The role requires managing multiple initiatives simultaneously. The ideal candidate can prioritize tasks, handle project timelines, and work independently with minimal supervision. Required Skills: While this is not a hands-on engineering role, experience with Scripting or basic programming with Python, Java or PowerShell can help in understanding automation of identity tasks. Knowledge of database queries or reporting tools can assist in pulling together identity data. Exposure to cloud environments (Azure, AWS, Oracle, GCP) and their native identity constructs (like AWS IAM roles, Azure service principals, etc.) is a plus.
Request Technology
ForgeRock IAM Engineer
Request Technology Chicago, Illinois
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a ForgeRock IAM Engineer. This engineer will focus on ForgeRock Identity Suite using OAuth methodologies in Linux/Windows enterprise environment. This engineer will support, administer, integrate, and configure the ForgeRock Identity Products. Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Qualifications Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience with ForgeRock Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc) Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS)
04/07/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a ForgeRock IAM Engineer. This engineer will focus on ForgeRock Identity Suite using OAuth methodologies in Linux/Windows enterprise environment. This engineer will support, administer, integrate, and configure the ForgeRock Identity Products. Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Qualifications Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience with ForgeRock Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc) Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS)
Request Technology
ForgeRock IAM Engineer
Request Technology Dallas, Texas
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a ForgeRock IAM Engineer. This engineer will focus on ForgeRock Identity Suite using OAuth methodologies in Linux/Windows enterprise environment. This engineer will support, administer, integrate, and configure the ForgeRock Identity Products. Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Qualifications Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience with ForgeRock Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc) Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS)
04/07/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a ForgeRock IAM Engineer. This engineer will focus on ForgeRock Identity Suite using OAuth methodologies in Linux/Windows enterprise environment. This engineer will support, administer, integrate, and configure the ForgeRock Identity Products. Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Qualifications Bachelor's degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience with ForgeRock Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc) Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS)
Crimson Limited
FinOps Engineer - Burton upon Trent
Crimson Limited Burton-on-trent, Staffordshire
FinOps Engineer - Burton upon Trent Once per month onsite Salary upto £53,000 FinOps Engineer required for an organisation based in Burton. The position focuses on efficient and cost-effective management of Azure-based cloud infrastructure, including continuous monitoring of cloud usage and spending, development and implementation of cost optimisation strategies, and cross-team collaboration to ensure financial accountability. Key skills and responsibilities: Experience in FinOps Roles: Previous work in a similar FinOps engineer role with knowledge of cloud cost optimisation. Azure Certifications: Possession of Azure certifications such as AZ-104 to demonstrate proficiency in Azure cloud services. PowerBI Certifications: PowerBI certifications are advantageous for demonstrating data analysis skills. Azure Policy Implementation: Experience implementing and managing Azure Policy controls to support cost optimisation. Monitoring Cloud Usage and Spending: Ongoing tracking and analysis of cloud usage and expenditure to identify cost-saving measures. Developing Cost Optimisation Strategies: Creation and application of strategies to optimise cloud costs, including resource tagging, right-sizing, and identification of unused resources. Collaborating with Teams: Regular interaction with finance, operations, and technology departments to support cost optimisation efforts and maintain financial accountability. Implementing FinOps Tools: Deployment and management of cloud management and FinOps tools to improve cost visibility and control. Cost Forecasting and Budgeting: Preparation of accurate cost forecasts and budgets aligned with organisational financial objectives. Interested?! Send your up-to-date CV to Dean Sadler-Parkes at Crimson for review Not interested?! Do you know anyone that might be? Refer a friend for this role to earn £250 worth of vouchers.
04/07/2025
Full time
FinOps Engineer - Burton upon Trent Once per month onsite Salary upto £53,000 FinOps Engineer required for an organisation based in Burton. The position focuses on efficient and cost-effective management of Azure-based cloud infrastructure, including continuous monitoring of cloud usage and spending, development and implementation of cost optimisation strategies, and cross-team collaboration to ensure financial accountability. Key skills and responsibilities: Experience in FinOps Roles: Previous work in a similar FinOps engineer role with knowledge of cloud cost optimisation. Azure Certifications: Possession of Azure certifications such as AZ-104 to demonstrate proficiency in Azure cloud services. PowerBI Certifications: PowerBI certifications are advantageous for demonstrating data analysis skills. Azure Policy Implementation: Experience implementing and managing Azure Policy controls to support cost optimisation. Monitoring Cloud Usage and Spending: Ongoing tracking and analysis of cloud usage and expenditure to identify cost-saving measures. Developing Cost Optimisation Strategies: Creation and application of strategies to optimise cloud costs, including resource tagging, right-sizing, and identification of unused resources. Collaborating with Teams: Regular interaction with finance, operations, and technology departments to support cost optimisation efforts and maintain financial accountability. Implementing FinOps Tools: Deployment and management of cloud management and FinOps tools to improve cost visibility and control. Cost Forecasting and Budgeting: Preparation of accurate cost forecasts and budgets aligned with organisational financial objectives. Interested?! Send your up-to-date CV to Dean Sadler-Parkes at Crimson for review Not interested?! Do you know anyone that might be? Refer a friend for this role to earn £250 worth of vouchers.
Actalent
NPI Manager
Actalent Dublin, Dublin
Description The role of New Product Introduction (NPI) Manager is responsible for the program management including scope, budget, schedule and delivery for the Technology Transfer and introduction of a new product, drug substance, drug product, Medical Device and Finished Packaging either to an internal site or an external CMO site. This role will collaborate closely with Technical Operations, Supply Planning, Quality, Finance, EM&O and other relevant departments. This role will work closely with the internal client's site or an external CMO to plan and execute a multi-discipline Tech Transfer project, including project approach and resource needs, schedule, budget and ownership throughout the project delivery phases. Principal Responsibilities: Plan and execute multi-discipline Tech Transfer projects, including project approach and resource needs, ownership through the project delivery phases of Planning, Process Prepare project charters including business justification for new projects. Responsible for the generation of project cost estimates, budgets, forecasting, and long-range plan. In conjunction with Finance ensure that there is an appropriate mechanism established for cost tracking/transfer and cross charging. Track project deliverables, provide regular project reporting on status to plan and KPIs, schedule and budget reports Manage the decision log and risk register for the project Ensure that the client's business needs and priorities are clearly understood and that the project execution plan reflects the scope and schedule of these needs and priorities. Lead the project team through all project phases from design through to regulatory submission. Engage site functional SME support (Tech Services, Operations, Engineering, and Quality etc.) as required. Develop project controls (Project Execution Plan (PEP), schedule, risks) to ensure alignment of project timelines with business needs. Communicate progress against plan on a regular basis and develop mitigations for project risks/delays. Prepare monthly metrics on project performance, achievements, and statistics. Work closely with other site functions to ensure a smooth transition between project and operational phases. Responsible for the project management support for the NPI/Technology Transfer of a product across the network using the Alexion TT Business Process from initial SG1 agreement to SG6 Regulatory approval. Provide support to the Technical team in creating project management reports/schedules/plans etc. Organise and facilitate project meetings/Stage Gate meetings in conjunction with the TT leader. Ensuring appropriate internal/external communication Ensure the appropriate resources are allocated to the project, Leaders and Steering team. Work with project controls, Finance and function leads to manage costs and cash flow according to the approved capital budget and report costs monthly to the ATO team. Support the ATO team to continuously improve TT practice across the network using a lean and standardized approach that can be replicated and continuously improved for subsequent product transfers. Identify current business process or tools that are critical to a successful and lean TT process and participate as required in driving necessary improvements in conjunction with the business owner. Experience in developing and using Smart Sheet to allow easy tracking of TT Milestones and Metrics. Experience /Qualification: Demonstrated leadership of technical and/or operational teams or projects within a biopharmaceutical manufacturing organization. Experience within new product introduction project work is preferred. Strong track record of leading in a global and Matrix environment and working cross functionally with internal and external stakeholders Ability to quickly establish strong, effective and enduring partnerships with internal and external stakeholders Strong organizational, change management, problem solving and leadership skills Strong presentation and communication skills Team player with the ability to manage multiple tasks simultaneously Experience of biopharmaceutical Bulk Drug Substance (BDS) manufacturing, Aseptic Fill Finish and Finished Packaging. A working knowledge of regulatory requirements for pharmaceutical industry is required. Operational excellence knowledge and application using Lean or six-sigma tools would be advantageous. Education: Minimum undergraduate degree in science/business or engineering. Job Title: NPI Manager Location: Dublin, Ireland Job Type: Contract Trading as Aerotek. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. Aerotek and Actalent Services are companies within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Actalent Services, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to the website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
04/07/2025
Project-based
Description The role of New Product Introduction (NPI) Manager is responsible for the program management including scope, budget, schedule and delivery for the Technology Transfer and introduction of a new product, drug substance, drug product, Medical Device and Finished Packaging either to an internal site or an external CMO site. This role will collaborate closely with Technical Operations, Supply Planning, Quality, Finance, EM&O and other relevant departments. This role will work closely with the internal client's site or an external CMO to plan and execute a multi-discipline Tech Transfer project, including project approach and resource needs, schedule, budget and ownership throughout the project delivery phases. Principal Responsibilities: Plan and execute multi-discipline Tech Transfer projects, including project approach and resource needs, ownership through the project delivery phases of Planning, Process Prepare project charters including business justification for new projects. Responsible for the generation of project cost estimates, budgets, forecasting, and long-range plan. In conjunction with Finance ensure that there is an appropriate mechanism established for cost tracking/transfer and cross charging. Track project deliverables, provide regular project reporting on status to plan and KPIs, schedule and budget reports Manage the decision log and risk register for the project Ensure that the client's business needs and priorities are clearly understood and that the project execution plan reflects the scope and schedule of these needs and priorities. Lead the project team through all project phases from design through to regulatory submission. Engage site functional SME support (Tech Services, Operations, Engineering, and Quality etc.) as required. Develop project controls (Project Execution Plan (PEP), schedule, risks) to ensure alignment of project timelines with business needs. Communicate progress against plan on a regular basis and develop mitigations for project risks/delays. Prepare monthly metrics on project performance, achievements, and statistics. Work closely with other site functions to ensure a smooth transition between project and operational phases. Responsible for the project management support for the NPI/Technology Transfer of a product across the network using the Alexion TT Business Process from initial SG1 agreement to SG6 Regulatory approval. Provide support to the Technical team in creating project management reports/schedules/plans etc. Organise and facilitate project meetings/Stage Gate meetings in conjunction with the TT leader. Ensuring appropriate internal/external communication Ensure the appropriate resources are allocated to the project, Leaders and Steering team. Work with project controls, Finance and function leads to manage costs and cash flow according to the approved capital budget and report costs monthly to the ATO team. Support the ATO team to continuously improve TT practice across the network using a lean and standardized approach that can be replicated and continuously improved for subsequent product transfers. Identify current business process or tools that are critical to a successful and lean TT process and participate as required in driving necessary improvements in conjunction with the business owner. Experience in developing and using Smart Sheet to allow easy tracking of TT Milestones and Metrics. Experience /Qualification: Demonstrated leadership of technical and/or operational teams or projects within a biopharmaceutical manufacturing organization. Experience within new product introduction project work is preferred. Strong track record of leading in a global and Matrix environment and working cross functionally with internal and external stakeholders Ability to quickly establish strong, effective and enduring partnerships with internal and external stakeholders Strong organizational, change management, problem solving and leadership skills Strong presentation and communication skills Team player with the ability to manage multiple tasks simultaneously Experience of biopharmaceutical Bulk Drug Substance (BDS) manufacturing, Aseptic Fill Finish and Finished Packaging. A working knowledge of regulatory requirements for pharmaceutical industry is required. Operational excellence knowledge and application using Lean or six-sigma tools would be advantageous. Education: Minimum undergraduate degree in science/business or engineering. Job Title: NPI Manager Location: Dublin, Ireland Job Type: Contract Trading as Aerotek. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. Aerotek and Actalent Services are companies within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Actalent Services, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to the website. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our commitments under the UK Data Protection Act, EU-U.S. Privacy Shield or the Swiss-U.S. Privacy Shield.
Proactive Appointments
Senior Cyber Security Engineer
Proactive Appointments Reading, Berkshire
Senior Cyber Security Engineer - Reading - Perm £55,000 - £65,000 Hybrid 2 days per week on site As our client's Cyber Security business continues to grow, they are now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer - Responsibility: Carry out daily security engineering/operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application/web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer - Skills: Experience in Security Engineering, Network Security, and/or working in a Security Operations Centre (SOC). Hands-on knowledge of security tools and technologies, including Web Application Firewalls, SASE, access control, SIEM, antivirus, email/web security gateways, Firewalls, load balancers, ACLs, and network protocols (TCP/IP, routing, switching). Strong grasp of security infrastructure design, IT security best practices, and system hardening. Solid understanding of IT systems and protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA/CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
04/07/2025
Full time
Senior Cyber Security Engineer - Reading - Perm £55,000 - £65,000 Hybrid 2 days per week on site As our client's Cyber Security business continues to grow, they are now looking for an experienced and dynamic Senior Cyber Security Engineer to join our vibrant office with hybrid working. Senior Cyber Security Engineer - Responsibility: Carry out daily security engineering/operation tasks under an ITIL framework Develop an understanding of the threats, risks, vulnerabilities and evolving attack vectors facing the business. Using strong technical knowledge, continuously analyse and make recommendations to implement effective security controls, system hardening and security improvement projects with a particular focus in application/web hosting security. Assist in the management of patching, vulnerability analysis and penetration testing to ensure recommendations are risk assessed and implemented in a timely manner Senior Cyber Security Engineer - Skills: Experience in Security Engineering, Network Security, and/or working in a Security Operations Centre (SOC). Hands-on knowledge of security tools and technologies, including Web Application Firewalls, SASE, access control, SIEM, antivirus, email/web security gateways, Firewalls, load balancers, ACLs, and network protocols (TCP/IP, routing, switching). Strong grasp of security infrastructure design, IT security best practices, and system hardening. Solid understanding of IT systems and protocols such as networks, domain management, and virtualized environments. Holds or is working towards certifications like CISSP, SANS GCIA, CompTIA Security+, CCNA/CCNP, or similar. Knowledge of ISO27001, Cyber Essentials, and AAF frameworks is a plus. Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Request Technology - Craig Johnson
Quality Assurance Data Analyst
Request Technology - Craig Johnson Dallas, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Quality Assurance Data Analyst. Candidate will focus on the design, development, and monitoring of key performance indicators and metrics that reflect product quality, test efficiency and process improvement. The ideal candidate will bridge QA and data analytics to ensure that quality goals are measured, visible and continuously improved. The role will collaborate with cross-functional teams to analyze data trends and ensure high data quality across platforms. Insights will drive product reliability and help inform business decisions. Establish software quality control/standards, that support compliance with governance policies and guidelines. Responsibilities: Analyze the business and functional requirements, understand the expectation from end user, review with Business Analysts/SMEs/UX Analysts and design test scenarios. Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensures all the project agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews. Assist with the presentation of themes, templates, trends, and training. Facilitate process improvement initiatives using tools like Lean Six Sigma. Monitor quality metrics and dashboards. Suggest improvements to QA processes, tools and standards. Perform other duties as assigned. Qualifications: [Required] Understanding of all phases of the software Lifecyle development, including requirements, change control management, test planning management, quality control process and methodologies. [Required] 5-7 years of experience in QA, data analysis or quality engineering roles. [Required] Strong communication skills, written and oral, sound judgement and time management skills, ability to collaborate effectively with internal clients, management, and staff. [Required] Highly motivated self-starter with creative critical thinking skills and analytical abilities. [Required] Ability to multitask and meet deadlines in a fast-paced Agile environment. [Required] Able to manage multiple projects simultaneously. [Required] SQL query writing and Python is nice to have. [Required] Working Knowledge of testing tools SpiraTest, Jmeter, Selenium, Zephyr [Required] Competent in Atlassian products Jira Software, Confluence [Required] Proficient in MS Excel, PowerPoint, Word, SharePoint, and Project. Bachelors degree and/or masters degree in computer science, Software Engineering, or equivalent practical experience. [Required] 5+ years of experience relevant to Quality Control/Testing experience. Audit experience is a plus. Certificates or Licenses: Six Sigma, ITIL, ISTBQ or COBIT certification is a plus
04/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Quality Assurance Data Analyst. Candidate will focus on the design, development, and monitoring of key performance indicators and metrics that reflect product quality, test efficiency and process improvement. The ideal candidate will bridge QA and data analytics to ensure that quality goals are measured, visible and continuously improved. The role will collaborate with cross-functional teams to analyze data trends and ensure high data quality across platforms. Insights will drive product reliability and help inform business decisions. Establish software quality control/standards, that support compliance with governance policies and guidelines. Responsibilities: Analyze the business and functional requirements, understand the expectation from end user, review with Business Analysts/SMEs/UX Analysts and design test scenarios. Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensures all the project agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews. Assist with the presentation of themes, templates, trends, and training. Facilitate process improvement initiatives using tools like Lean Six Sigma. Monitor quality metrics and dashboards. Suggest improvements to QA processes, tools and standards. Perform other duties as assigned. Qualifications: [Required] Understanding of all phases of the software Lifecyle development, including requirements, change control management, test planning management, quality control process and methodologies. [Required] 5-7 years of experience in QA, data analysis or quality engineering roles. [Required] Strong communication skills, written and oral, sound judgement and time management skills, ability to collaborate effectively with internal clients, management, and staff. [Required] Highly motivated self-starter with creative critical thinking skills and analytical abilities. [Required] Ability to multitask and meet deadlines in a fast-paced Agile environment. [Required] Able to manage multiple projects simultaneously. [Required] SQL query writing and Python is nice to have. [Required] Working Knowledge of testing tools SpiraTest, Jmeter, Selenium, Zephyr [Required] Competent in Atlassian products Jira Software, Confluence [Required] Proficient in MS Excel, PowerPoint, Word, SharePoint, and Project. Bachelors degree and/or masters degree in computer science, Software Engineering, or equivalent practical experience. [Required] 5+ years of experience relevant to Quality Control/Testing experience. Audit experience is a plus. Certificates or Licenses: Six Sigma, ITIL, ISTBQ or COBIT certification is a plus
Request Technology - Craig Johnson
Quality Assurance Data Analyst
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Quality Assurance Data Analyst. Candidate will focus on the design, development, and monitoring of key performance indicators and metrics that reflect product quality, test efficiency and process improvement. The ideal candidate will bridge QA and data analytics to ensure that quality goals are measured, visible and continuously improved. The role will collaborate with cross-functional teams to analyze data trends and ensure high data quality across platforms. Insights will drive product reliability and help inform business decisions. Establish software quality control/standards, that support compliance with governance policies and guidelines. Responsibilities: Analyze the business and functional requirements, understand the expectation from end user, review with Business Analysts/SMEs/UX Analysts and design test scenarios. Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensures all the project agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews. Assist with the presentation of themes, templates, trends, and training. Facilitate process improvement initiatives using tools like Lean Six Sigma. Monitor quality metrics and dashboards. Suggest improvements to QA processes, tools and standards. Perform other duties as assigned. Qualifications: [Required] Understanding of all phases of the software Lifecyle development, including requirements, change control management, test planning management, quality control process and methodologies. [Required] 5-7 years of experience in QA, data analysis or quality engineering roles. [Required] Strong communication skills, written and oral, sound judgement and time management skills, ability to collaborate effectively with internal clients, management, and staff. [Required] Highly motivated self-starter with creative critical thinking skills and analytical abilities. [Required] Ability to multitask and meet deadlines in a fast-paced Agile environment. [Required] Able to manage multiple projects simultaneously. [Required] SQL query writing and Python is nice to have. [Required] Working Knowledge of testing tools SpiraTest, Jmeter, Selenium, Zephyr [Required] Competent in Atlassian products Jira Software, Confluence [Required] Proficient in MS Excel, PowerPoint, Word, SharePoint, and Project. Bachelors degree and/or masters degree in computer science, Software Engineering, or equivalent practical experience. [Required] 5+ years of experience relevant to Quality Control/Testing experience. Audit experience is a plus. Certificates or Licenses: Six Sigma, ITIL, ISTBQ or COBIT certification is a plus
04/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Company is currently seeking a Quality Assurance Data Analyst. Candidate will focus on the design, development, and monitoring of key performance indicators and metrics that reflect product quality, test efficiency and process improvement. The ideal candidate will bridge QA and data analytics to ensure that quality goals are measured, visible and continuously improved. The role will collaborate with cross-functional teams to analyze data trends and ensure high data quality across platforms. Insights will drive product reliability and help inform business decisions. Establish software quality control/standards, that support compliance with governance policies and guidelines. Responsibilities: Analyze the business and functional requirements, understand the expectation from end user, review with Business Analysts/SMEs/UX Analysts and design test scenarios. Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensures all the project agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews. Assist with the presentation of themes, templates, trends, and training. Facilitate process improvement initiatives using tools like Lean Six Sigma. Monitor quality metrics and dashboards. Suggest improvements to QA processes, tools and standards. Perform other duties as assigned. Qualifications: [Required] Understanding of all phases of the software Lifecyle development, including requirements, change control management, test planning management, quality control process and methodologies. [Required] 5-7 years of experience in QA, data analysis or quality engineering roles. [Required] Strong communication skills, written and oral, sound judgement and time management skills, ability to collaborate effectively with internal clients, management, and staff. [Required] Highly motivated self-starter with creative critical thinking skills and analytical abilities. [Required] Ability to multitask and meet deadlines in a fast-paced Agile environment. [Required] Able to manage multiple projects simultaneously. [Required] SQL query writing and Python is nice to have. [Required] Working Knowledge of testing tools SpiraTest, Jmeter, Selenium, Zephyr [Required] Competent in Atlassian products Jira Software, Confluence [Required] Proficient in MS Excel, PowerPoint, Word, SharePoint, and Project. Bachelors degree and/or masters degree in computer science, Software Engineering, or equivalent practical experience. [Required] 5+ years of experience relevant to Quality Control/Testing experience. Audit experience is a plus. Certificates or Licenses: Six Sigma, ITIL, ISTBQ or COBIT certification is a plus
WA Consultants
Electronic Design Engineer - Hybrid
WA Consultants
Are you an Electronics Design Engineer seeking a role that combines innovation, flexibility, and a supportive work environment? Look no further. A world-renowned company with over 50 years of industry leadership is searching for a talented individual to join their dynamic team in Glasgow. This position offers a hybrid working model, allowing for a balanced blend of office and remote work, making it ideal for those who value both professional growth and family time. As an Electronics Design Engineer, you will play a pivotal role in the development of a diverse range of cutting-edge products. From initial concept through to mass production, your expertise will be crucial in driving technological advancements. Collaborate cross-functionally with teams in mechanical engineering, controls, and architecture to bring innovative solutions to life. Your day-to-day responsibilities will include simulating switching converters using advanced tools such as Mathcad, Simplis, SPICE, and MATLAB/Simulink. You will also prepare, review, and approve schematic designs, magnetic designs, power loss calculations, and parts lists. Additionally, you will provide essential support to the PCB layout team, ensuring the highest standards of design and functionality. The ideal candidate will possess: - A degree in Electronics Engineering or a related field. - Proven experience in electronic design and development. - Power Electronics Design - AC/DC DC/DC Converters - Practical knowledge of laboratory tools, oscilloscopes, dataloggers, AC and DC sources and electronic loads, CAD tools, MRP tools and schematic capture - Experience of a formal design process including design reviews and stage gate reviews Joining this esteemed company means becoming part of a Legacy of excellence and innovation. The role promises not only professional development but also the chance to contribute to groundbreaking projects that shape the future of technology. Embrace a career that offers both challenge and reward, within a family-friendly environment that values your well-being and work-life balance. WA Consultants is an Employment Business and an Employment Agency as described within The Conduct of Employment Agencies and Employment Businesses Regulations 2003.
03/07/2025
Full time
Are you an Electronics Design Engineer seeking a role that combines innovation, flexibility, and a supportive work environment? Look no further. A world-renowned company with over 50 years of industry leadership is searching for a talented individual to join their dynamic team in Glasgow. This position offers a hybrid working model, allowing for a balanced blend of office and remote work, making it ideal for those who value both professional growth and family time. As an Electronics Design Engineer, you will play a pivotal role in the development of a diverse range of cutting-edge products. From initial concept through to mass production, your expertise will be crucial in driving technological advancements. Collaborate cross-functionally with teams in mechanical engineering, controls, and architecture to bring innovative solutions to life. Your day-to-day responsibilities will include simulating switching converters using advanced tools such as Mathcad, Simplis, SPICE, and MATLAB/Simulink. You will also prepare, review, and approve schematic designs, magnetic designs, power loss calculations, and parts lists. Additionally, you will provide essential support to the PCB layout team, ensuring the highest standards of design and functionality. The ideal candidate will possess: - A degree in Electronics Engineering or a related field. - Proven experience in electronic design and development. - Power Electronics Design - AC/DC DC/DC Converters - Practical knowledge of laboratory tools, oscilloscopes, dataloggers, AC and DC sources and electronic loads, CAD tools, MRP tools and schematic capture - Experience of a formal design process including design reviews and stage gate reviews Joining this esteemed company means becoming part of a Legacy of excellence and innovation. The role promises not only professional development but also the chance to contribute to groundbreaking projects that shape the future of technology. Embrace a career that offers both challenge and reward, within a family-friendly environment that values your well-being and work-life balance. WA Consultants is an Employment Business and an Employment Agency as described within The Conduct of Employment Agencies and Employment Businesses Regulations 2003.
Request Technology - Craig Johnson
Application Security Engineer
Request Technology - Craig Johnson Dallas, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
03/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
Request Technology - Craig Johnson
ForgeRock Identity and Access Management Engineer
Request Technology - Craig Johnson Dallas, Texas
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
02/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
Request Technology - Robyn Honquest
Applications Security Engineer (web, network applications)
Request Technology - Robyn Honquest Dallas, Texas
NO SPONSORSHIP Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On Site 3 days a week Looking for an Application security, web applications, network applications engineer. You will also create custom scripts and perform automation while also performing security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts.
02/07/2025
Full time
NO SPONSORSHIP Security Engineering (Application Security) SALARY: $160k - $170k plus 15% bonus LOCATION: DALLAS, TX On Site 3 days a week Looking for an Application security, web applications, network applications engineer. You will also create custom scripts and perform automation while also performing security assessments on both Legacy on prem and cloud environments. Candidate would also Identify, document and communicate vulnerabilities. Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API's (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, GCP) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts.
Request Technology - Robyn Honquest
Internal Audit - Information Technology and Security
Request Technology - Robyn Honquest Chicago, Illinois
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
02/07/2025
Full time
NO SPONSORSHIP Internal Audit Information Technology & Security SALARY: $80k - $108k - $110 plus 10% bonus LOCATION: Chicago, IL 3 days onsite and 2 days remote Looking for a candidate with a BS Degree, 2 years audit related experience in conducting risk-based information, technology and security audits. Project cyber security review and internal audit standards AICPA, IIA IPPF COBIT NIST CSF This role will support independent assessments of the Information Technology and Security environment, risk management, and other objectives as needed. The role is responsible for determining the sufficiency of management's controls and activities related to the management of regulatory, operational, and strategic risks and presenting recommendations for improvements to the engagement team. Support the team on delivery of assigned audits within the annual audit plan. Support the team confirming a professional auditee experience. Owning the audit quality, accuracy of results, and delivery in a timely manner. Proactively identify regulatory, operational, and/or strategic risks to the organization and bring them to your engagement team. Evaluate exceptions or inefficient practices for root causes and propose advice and recommendations for achievable solutions. Leading audits related to organization changes including business requirements definitions, technology implementations Qualifications: Experience working in a complex, fast paced environment. [Preferred] Consulting and/or accounting firm experience. [Preferred] Experience in Financial Services/Security Industry and working with regulations such as Regulation Systems Compliance and Integrity (Reg SCI). [Preferred] Experience using the principles, practices, and techniques involved in conducting audits in accordance with the requirements set forth in the International Standards for the Professional Practice of Internal Auditing published by the Institute of Internal Auditors (IIA). Technical Skills: Microsoft Office applications [Preferred] Familiarity with security tools such as: CyberArk, Splunk, SailPoint [Preferred] Familiarity with change management tools such as: ServiceNow, Jira, Confluence, GitHub [Preferred] Familiarity with databases such as: Oracle, DB2, SQL [Preferred] Familiarity with cloud based solutions: AWS, Workday [Preferred] Proficiency using Archer or other audit or Governance Risk and Compliance (GRC) software Education and/or Experience: Bachelors degree (or equivalent) in Information Technology, Computer Science, Computer Engineering, Accounting, Finance, Business Administration, or related field. 2+ years of experience (audit-related) in conducting risk-based Information Technology and Security audits and projects, cyber security reviews, and internal audits.
Request Technology
Application Security Engineer
Request Technology Dallas, Texas
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Application Security Engineer. This engineer will focus on web applications, secure SDLC, SAST, DAST, AWS/Azure vulnerability management, Scripting/programming, etc. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to companys delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Assist with application security vulnerability management including implementation of new vulnerability management tools. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
02/07/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for an Application Security Engineer. This engineer will focus on web applications, secure SDLC, SAST, DAST, AWS/Azure vulnerability management, Scripting/programming, etc. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to companys delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Assist with application security vulnerability management including implementation of new vulnerability management tools. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, GCP, IaaS/PaaS/SaaS). Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
Request Technology
Senior QA Data Analyst
Request Technology Chicago, Illinois
Senior QA Data Analyst Salary: Open + Bonus Location: Chicago, IL or Coppell, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5-7 years of experience in QA, data analysis or quality engineering roles. 5+ years of experience relevant to Quality Control/Testing experience. SQL query writing and Python Working Knowledge of testing tools - SpiraTest, JMeter, Selenium, Zephyr Competent in Atlassian products - Jira Software, Confluence Audit experience is a plus Responsibilities Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensure all the agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews.
02/07/2025
Full time
Senior QA Data Analyst Salary: Open + Bonus Location: Chicago, IL or Coppell, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 5-7 years of experience in QA, data analysis or quality engineering roles. 5+ years of experience relevant to Quality Control/Testing experience. SQL query writing and Python Working Knowledge of testing tools - SpiraTest, JMeter, Selenium, Zephyr Competent in Atlassian products - Jira Software, Confluence Audit experience is a plus Responsibilities Analyze large data sets to validate data quality and consistency Use statistical and analytical techniques to assess QA metrics and KPIs Define, implement, and maintain KPIs and quality metrics that measure test execution, defect trends, release readiness and process efficiency. Enhance and enforce software quality standards, processes & procedures. Ensure all the agreed deliverables are completed to the required level of quality. Validate that processes follow the defined SDLC and Agile methodology. Ensure Compliance with the implemented standards that all testing and quality assurance processes comply with required level of quality, industry standards and regulations. Be the advocate for testability, traceability, drive best test engineering practices and defect prevention. Conducts internal testing and monitor exceptions. Complete assigned Quality Control reviews with a focus on verifying controls and risk reduction by defining and executing assessment/testing strategies. Manage stakeholders and other business/function QC participation as part of assigned reviews.
Lead Software Security Engineer (Remote)
Totum Partners City, London
Job Responsibilities Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Assessing Risk around the SDLC. Responsible for Risk assessments. Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Skills Required Strong experience in software development and security, key responsibility to "Wrap security around Products". Proficient in Scripting languages such as PowerShell, YAML, JASON, etc. Experience in software security design review Strong knowledge of development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience being client-facing and presenting with excellent communication skills. Remote working with infrequent office travel - 2 days in the office per month.
02/07/2025
Full time
Job Responsibilities Own the cultural shift to a Security DevSecOps mindset Manage & implement security controls, tools, and processes to secure applications and infrastructure Monitor and respond to security incidents and threats in a timely manner Stay up-to-date with security trends and best practices to continuously improve security posture Automate security testing and deployment processes to ensure rapid and secure delivery of software Assessing Risk around the SDLC. Responsible for Risk assessments. Integrate Application Security Tools within existing Development Processes Assist with the Planning & Execution of Application Penetration Tests Serve as a Subject Matter Expert (SME) in the field of Application Security Skills Required Strong experience in software development and security, key responsibility to "Wrap security around Products". Proficient in Scripting languages such as PowerShell, YAML, JASON, etc. Experience in software security design review Strong knowledge of development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience being client-facing and presenting with excellent communication skills. Remote working with infrequent office travel - 2 days in the office per month.
FIDIC Engineer
E-Frontiers
We are hiring a FIDIC Engineer to support the delivery of major commercial construction projects, including data centers, logistics hubs, and high-spec industrial facilities across Portugal. This is a critical role for a highly motivated professional with solid experience in contract management under FIDIC conditions, ensuring projects are delivered on time, on budget, and to the highest quality standards. Key Responsibilities Administer FIDIC-based contracts (primarily Red and Yellow Book) from pre-construction through to completion Serve as the Engineer (or assist the Engineer) under the FIDIC contract, acting as a neutral party between contractor and client Oversee contract compliance and proactively manage claims, variations, and extensions of time Support project teams in procurement, contract negotiations, and dispute avoidance Liaise with clients, contractors, and consultants to ensure contractual obligations are understood and upheld Prepare progress evaluations, risk assessments, and technical/commercial reports Ensure adherence to safety, legal, and environmental standards on site Assist in developing contract strategies for complex and fast-paced builds Ideal Candidate Profile Degree-qualified in Civil Engineering, Construction Management, or similar Minimum 5 years of experience in engineering or project management roles, with at least 2 years focused on FIDIC contracts Direct exposure to large-scale commercial construction projects (eg, data centers, distribution parks, advanced manufacturing sites) Strong working knowledge of FIDIC Red and Yellow Book conditions Skilled in contract interpretation, claim assessment, and project controls Fluent in English; Portuguese is beneficial Eligible to work in the EU What We Offer Involvement in high-profile international builds with top-tier clients A collaborative and expert-driven project environment Long-term career opportunities within a global construction group Training and support in advanced contract and commercial management Competitive salary and benefits
02/07/2025
Full time
We are hiring a FIDIC Engineer to support the delivery of major commercial construction projects, including data centers, logistics hubs, and high-spec industrial facilities across Portugal. This is a critical role for a highly motivated professional with solid experience in contract management under FIDIC conditions, ensuring projects are delivered on time, on budget, and to the highest quality standards. Key Responsibilities Administer FIDIC-based contracts (primarily Red and Yellow Book) from pre-construction through to completion Serve as the Engineer (or assist the Engineer) under the FIDIC contract, acting as a neutral party between contractor and client Oversee contract compliance and proactively manage claims, variations, and extensions of time Support project teams in procurement, contract negotiations, and dispute avoidance Liaise with clients, contractors, and consultants to ensure contractual obligations are understood and upheld Prepare progress evaluations, risk assessments, and technical/commercial reports Ensure adherence to safety, legal, and environmental standards on site Assist in developing contract strategies for complex and fast-paced builds Ideal Candidate Profile Degree-qualified in Civil Engineering, Construction Management, or similar Minimum 5 years of experience in engineering or project management roles, with at least 2 years focused on FIDIC contracts Direct exposure to large-scale commercial construction projects (eg, data centers, distribution parks, advanced manufacturing sites) Strong working knowledge of FIDIC Red and Yellow Book conditions Skilled in contract interpretation, claim assessment, and project controls Fluent in English; Portuguese is beneficial Eligible to work in the EU What We Offer Involvement in high-profile international builds with top-tier clients A collaborative and expert-driven project environment Long-term career opportunities within a global construction group Training and support in advanced contract and commercial management Competitive salary and benefits
Request Technology - Craig Johnson
ForgeRock Identity and Access Management Engineer
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
02/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
Request Technology - Craig Johnson
Application Security Engineer
Request Technology - Craig Johnson Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
01/07/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a strong Application Security Engineer. Candidate will work closely with other members of the Security Services, IT Development Teams, and Development teams to support application and software security initiatives, projects, and operations. Responsibilities: Application Security/Secure SDLC Build and optimize our security tooling stack, including SAST, DAST, SCA, and IaC. Implement DevSecOps principles and integrate tools into CI/CD pipelines and developer workflows. Define and improve secure SDLC processes designing and implementing a developer friendly secure SDLC framework tailored to the delivery model. Automate security checks in CI/CD pipelines and developer tools to ensure continuous visibility and successful delivery. Build out process for threat modelling and secure design review process. Implement security for supply chain security, AI/ML application security, Open source etc. Review reports of the testing and conduct security risk assessments of the vulnerabilities. The use and maintenance of cloud and self-managed security scanning tools, manual source code reviews, and manual penetration assessments. Conduct IT/Security code review meetings to eliminate false positives and encourage collaboration between Security and IT development teams. Assist with application security vulnerability management including implementation of new vulnerability management tools. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Perform ongoing reviews of application releases to ensure only secure and reviewed code is pushed to prod, with automation tasks as necessary. Develop scripts/automation to assist development teams with interpreting results from pipeline vulnerability verification reports to facilitate vulnerability remediation. Qualifications: Experience with CI/CD pipelines and software development/coding: Docker, Jenkins, GitHub, SVN, Terraform, and others. Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, Google Cloud Platform, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming languages. Technical Skills: Deep knowledge of common web, API and cloud vulnerabilities (eg OWASP Top 10, CWE, auth flaws etc.). Deep understanding of vulnerabilities, reachability, exploitability and how they affect applications. Familiarity with secure coding principles across multiple languages (eg python, Java, JavaScript etc.). Knowledge of how security fits into platform engineering and cloud native stacks. Deep understanding of application layer attacks and defense mechanisms (CCS, CSRF, SQLi, XXE, SSRF, broken access control etc.). Familiarity with API security (REST & GraphQL), Postman, OOWASP top 10). Proficiency with artifact repositories and implementing security controls around component ingestion. Knowledge of shift-left strategies and embedding controls early in the development life cycle. Familiarity with Kubernetes security, container scanning and cloud infrastructure as code. Ability to triage and prioritize vulnerabilities based on exploitability, impact and business context. Strong proficiency application security and vulnerability management. Strong experience with custom Scripting (python, C++, PowerShell, bash, etc.) and process automation. Some proficiency with common penetration testing tools (Kali, Armitage, Metasploit, Cobalt Strike, Nmap, Qualys, Nessus, Burp Suite, Wireshark etc.). Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Experience with dedicated document management tools (eg, DMS, PolicyTech) a plus. Familiarity with application frameworks and their built-in security services and API s (ie, Sun J2EE, MS .NET, OMG CORBA, Spring, etc.). Knowledge of security architecture design and principles including confidentiality, integrity and availability. Knowledge of automated code scanning tools and development pipeline tools. Understanding of security concepts and practices, including those for authentication, authorization, access control and auditing as well as best practices (eg OWASP). Familiarity with application authentication and authorization systems (ie, CA SiteMinder, RSA SecurID/ACE, Active Directory, and LDAP). Fundamental understanding of network and data communications technologies Knowledge of (AWS, Azure, Google Cloud Platform) Cloud security concepts, best practices, and environments. Knowledge of Secure DevOps concepts. Education and/or Experience: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university desired. 5+ Years experience in Application Security or Information Security environment. Experience writing scripts and working with containers in a CI/CD pipeline. Exposure to security architecture design through application development or knowledge of security concepts/best practices. Certificates or Licenses: Security-related certifications (CISSP, CISA, CRISK, ISSAP, GSLC, OSCP, OSCE, GPEN, or GXPN, etc.) highly desired. Professional network and/or security certifications a plus (ie, GIAC, CISSP, CISA, CISM, CRISC) Cloud security automation certifications a plus (ie GCSA) Penetration testing certifications a plus (ie OSCP, GWAPT)
Request Technology - Robyn Honquest
Software Engineer - Middleware (Apigee, Apache, Nginx)
Request Technology - Robyn Honquest Chicago, Illinois
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
01/07/2025
Full time
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies

Modal Window

Cauta joburi dupa:
  • Domeniu:
  • IT_Software Development
  • Bănci
  • Vanzari
  • Medical
  • Inginerie
  • Orase:
  • Bucuresti
  • Cluj-Napoca
  • Timisoara
  • Iasi
  • Constanta
  • Craiova
  • Brasov
  • Galati
  • Ploiesti
  • Oradea
  • Pitesti
  • Sibiu
Helpful Resources
  • Blog Cariera
  • Produse de recrutare
  • Contact
Servicii angajatori
  • Publicare anunturi
  • Administrare Aplicatii
  • Cauta CV-uri
Instrumente candidati
  • Joburi Studenti
  • Alerte joburi
  • Administrare Aplicatii
  • Adauga CV
Joburi internationale
  • Jobs in US
  • Jobs in UK
  • Offres d'emploi en France
  • Jobs in Deutschland

© All rights reserved. Copyrights @Carieranoua

  • Despre noi
  • Companii
  • Termeni si conditii
  • Confidentialitate
  • Contact