I have an immediate requirement for an AWS Platform Engineer for my business in Lancashire. The client is looking to grow the team and would be looking the fill the below: The role covers: Automating cloud services Exposure towards Infrastructure Management and Data Management Scripting with one or more of the following: PowerShell, Python, Go, TypeScript SecOps Automating delivery of Infrastructure as Code (IaC) via Terraform Architecture awareness and experience around enterprise scale applications and distributed systems Supporting deployments into both development and Live environments Training the wider team in Platform Engineering The successful candidate should have: The expertise and confidence to lead the definition and support of AWS delivery platform in complex engagements, as part of a Cloud Engineering team. Hands on with AWS Services An Automation 1st mindset Experience of Managing and Maintaining AWS RDS Experience in the full software development life cycle through requirements, specification, design, development, debug and test Deep understanding of CI/CD pipeline SecOps experience and an understanding of Security Compliance eg PCI DSS, ISO 27001, Cyber Essentials, NIST Experience in Scrum and Agile Methodology Familiarity with collaboration suites ie Atlassian products (Jira, Confluence) It would be an advantage if the candidate had: Experience with CloudFormation, or CDK/CDKTF Ideal salary is around £60-65k although there may be room for negotiation. 1 day on site in Lancashire.
06/09/2024
Full time
I have an immediate requirement for an AWS Platform Engineer for my business in Lancashire. The client is looking to grow the team and would be looking the fill the below: The role covers: Automating cloud services Exposure towards Infrastructure Management and Data Management Scripting with one or more of the following: PowerShell, Python, Go, TypeScript SecOps Automating delivery of Infrastructure as Code (IaC) via Terraform Architecture awareness and experience around enterprise scale applications and distributed systems Supporting deployments into both development and Live environments Training the wider team in Platform Engineering The successful candidate should have: The expertise and confidence to lead the definition and support of AWS delivery platform in complex engagements, as part of a Cloud Engineering team. Hands on with AWS Services An Automation 1st mindset Experience of Managing and Maintaining AWS RDS Experience in the full software development life cycle through requirements, specification, design, development, debug and test Deep understanding of CI/CD pipeline SecOps experience and an understanding of Security Compliance eg PCI DSS, ISO 27001, Cyber Essentials, NIST Experience in Scrum and Agile Methodology Familiarity with collaboration suites ie Atlassian products (Jira, Confluence) It would be an advantage if the candidate had: Experience with CloudFormation, or CDK/CDKTF Ideal salary is around £60-65k although there may be room for negotiation. 1 day on site in Lancashire.
Caspian One are partnered with a global leader in media services who are delivering cutting-edge solutions and enabling some of the world's most prestigious media brands to connect with audiences across the globe. Their partnerships include industry giants such as national broadcasters and media outlets. Your Opportunity: We are seeking experienced Security Engineers with a passion for technology and security to join a global team. In this role, you will be instrumental in designing, delivering, and maintaining the infrastructure necessary for live and VoD TV channels. Your work will ensure systems are secure, compliant, and capable of handling complex technical environments. Key Responsibilities: Implement Security Policies: Enforce security policies across various systems designed by our Solution Architects. Knowledge of the Elastic stack Compliance Tracking: Ensure all infrastructure projects comply with our cyber security policies and maintain methods to track this compliance. Documentation and Implementation: Design, document, and implement security measures within low-level designs and configurations. Security Initiatives: Stay updated on the latest security trends, tools, vulnerabilities, and attacks to enhance our security posture. Training and Knowledge Sharing: Provide training and support to teams on security policies, procedures, best practices, and awareness. Risk Assessments: Assist in completing security risk assessments, resolving non-conformities, and mitigating identified risks. Collaboration: Work with Infrastructure Architects and Implementation Engineers to ensure solutions comply with ISO27001 accreditation. Automation: Identify and implement new ways to automate and improve information security across the business. AWS Security: Contribute to AWS security implementations, including custom IAM policies, security groups, NACLs, and S3 bucket policies. Required Qualifications: Security Certifications: SSCP, CCSA, CEH, CISM, or equivalent experience. Security Products: Experience with Firewalls, URL filtering, information security, and virus protection (eg, Juniper SRX, Cisco ACI, Firepower, CheckPoint, Nessus, CrowdStrike Falcon, Elastik). Standards Knowledge: Proficient in security and compliance standards, including ISO27001. Technical Skills: Significant hands-on experience with infrastructure and complex networking environments. AWS Expertise: Detailed knowledge of AWS IAM and security-related policies. Beneficial Experience: Interface Design: Experience in the design and review of specifications for interfaces and system enhancements. IDS/IPS Configuration: Hands-on experience with IDS/IPS. Automation Tools: Proficiency in Scripting and security automation, and maintaining CI/CD platforms and tools (Ansible, Puppet, Jenkins). Project Lifecycle: Familiarity with project life cycle processes. Senior Management Liaison: Experience presenting complex technical information to senior management and diverse audiences. Test Scenarios: Experience in identifying and implementing test scenarios to validate security. Why Join Us? At our company, you will be part of an international team dedicated to delivering exceptional media experiences. You will work with cutting-edge technologies and collaborate with some of the biggest names in the media industry. We champion diversity, creativity, and integrity, offering an inclusive environment where your unique talents and perspectives are valued. Apply Now: If you are passionate about media technology and security, and ready to take on new challenges in a fast-paced, global environment, we want to hear from you. Join us and be part of a team that is shaping the future of media.
05/09/2024
Project-based
Caspian One are partnered with a global leader in media services who are delivering cutting-edge solutions and enabling some of the world's most prestigious media brands to connect with audiences across the globe. Their partnerships include industry giants such as national broadcasters and media outlets. Your Opportunity: We are seeking experienced Security Engineers with a passion for technology and security to join a global team. In this role, you will be instrumental in designing, delivering, and maintaining the infrastructure necessary for live and VoD TV channels. Your work will ensure systems are secure, compliant, and capable of handling complex technical environments. Key Responsibilities: Implement Security Policies: Enforce security policies across various systems designed by our Solution Architects. Knowledge of the Elastic stack Compliance Tracking: Ensure all infrastructure projects comply with our cyber security policies and maintain methods to track this compliance. Documentation and Implementation: Design, document, and implement security measures within low-level designs and configurations. Security Initiatives: Stay updated on the latest security trends, tools, vulnerabilities, and attacks to enhance our security posture. Training and Knowledge Sharing: Provide training and support to teams on security policies, procedures, best practices, and awareness. Risk Assessments: Assist in completing security risk assessments, resolving non-conformities, and mitigating identified risks. Collaboration: Work with Infrastructure Architects and Implementation Engineers to ensure solutions comply with ISO27001 accreditation. Automation: Identify and implement new ways to automate and improve information security across the business. AWS Security: Contribute to AWS security implementations, including custom IAM policies, security groups, NACLs, and S3 bucket policies. Required Qualifications: Security Certifications: SSCP, CCSA, CEH, CISM, or equivalent experience. Security Products: Experience with Firewalls, URL filtering, information security, and virus protection (eg, Juniper SRX, Cisco ACI, Firepower, CheckPoint, Nessus, CrowdStrike Falcon, Elastik). Standards Knowledge: Proficient in security and compliance standards, including ISO27001. Technical Skills: Significant hands-on experience with infrastructure and complex networking environments. AWS Expertise: Detailed knowledge of AWS IAM and security-related policies. Beneficial Experience: Interface Design: Experience in the design and review of specifications for interfaces and system enhancements. IDS/IPS Configuration: Hands-on experience with IDS/IPS. Automation Tools: Proficiency in Scripting and security automation, and maintaining CI/CD platforms and tools (Ansible, Puppet, Jenkins). Project Lifecycle: Familiarity with project life cycle processes. Senior Management Liaison: Experience presenting complex technical information to senior management and diverse audiences. Test Scenarios: Experience in identifying and implementing test scenarios to validate security. Why Join Us? At our company, you will be part of an international team dedicated to delivering exceptional media experiences. You will work with cutting-edge technologies and collaborate with some of the biggest names in the media industry. We champion diversity, creativity, and integrity, offering an inclusive environment where your unique talents and perspectives are valued. Apply Now: If you are passionate about media technology and security, and ready to take on new challenges in a fast-paced, global environment, we want to hear from you. Join us and be part of a team that is shaping the future of media.
Role: Lead Security Solution Architect Location: Edinburgh, Scotland iO Associates are pleased to be partnering with a major global banking group. We have been tasked with finding an experienced security solution architect. The candidate will need to manage end-to-end solution design and will be responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. You should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Requirements: - Extensive cybersecurity expertise within the following areas: security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud. - Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives. - Experience working in large-scale IT transformation programmes. Technical Experience: - BizzDesign, Archi, or generic UML visualisation experience for high-level designs - High proficiency and expertise in Jira for project & tasks management - Working proficiency in Confluence for documentation - Leadership & Teamwork experience. - Proven experience managing risk in projects and dependency management. Qualifications & Certifications: Masters or doctorate degree in cybersecurity, computer science, software engineering, or related field CISSP/CISM certification or other broad cybersecurity industry-recognised certificate SABSA or TOGAF certified preferred
05/09/2024
Full time
Role: Lead Security Solution Architect Location: Edinburgh, Scotland iO Associates are pleased to be partnering with a major global banking group. We have been tasked with finding an experienced security solution architect. The candidate will need to manage end-to-end solution design and will be responsible for delivering architecture design documents in line with functional and non-functional business requirements, strategies, principles, standards, and patterns. You should be comfortable presenting and sharing solutions at design authorities and senior leadership & stakeholders. Requirements: - Extensive cybersecurity expertise within the following areas: security operations & incident response, threat & vulnerability management, identity & access management, cryptography, infrastructure, network, application, data, cloud. - Experience in both operational and transformation cybersecurity roles or a clear working understanding of both perspectives. - Experience working in large-scale IT transformation programmes. Technical Experience: - BizzDesign, Archi, or generic UML visualisation experience for high-level designs - High proficiency and expertise in Jira for project & tasks management - Working proficiency in Confluence for documentation - Leadership & Teamwork experience. - Proven experience managing risk in projects and dependency management. Qualifications & Certifications: Masters or doctorate degree in cybersecurity, computer science, software engineering, or related field CISSP/CISM certification or other broad cybersecurity industry-recognised certificate SABSA or TOGAF certified preferred
RED GLOBAL SOLUTIONS-SAP IDM-REMOTE/SWITZERLAND-ASAP-6MONTHS+ RED, on behalf of a Key Client Partner, is currently searching for SAP IDM Consultant to join a project delivering to an end user based in Switzerland. Role: SAP IDM Start: ASAP Location: Remote with limited on-site in Switzerland, Geneva Capacity: Full time End: 6months + extension Language: English (French is a plus) Responsibilities; Ensure the maintenance of the SAP IDM solution taking into account the management architecture of our identities in our existing IAM ecosystem and the infrastructure of our SAP systems Maintain the SAP IDM solution (server configuration, network flows, knowledge of the necessary versions and service packs, prerequisites, etc.) Ensure the quality of identity propagation and the operation of automatic SAP access rules between the authoritative source, SAP IDM and SAP system targets Develop and evolve control rules taking into account the level of risk Participate in developments in the IAM ecosystem impacting SAP systems in collaboration with IAM engineers Apply the OSS or Support Package notes required for security monitoring Review and correct developments to ensure good development practices, usage and quality of reconciliations Skills; SAP IDM V8.0 expertise and good mastery of development using the Java language Significant experience in the field of IAM, mastery of the principles and knowledge of the tools known on the market Knowledge in SAP - Account management, roles and system administration Knowledge of different connector integration protocols (SOAP, REST, SCIM) Knowledge of cybersecurity aspects and use of a SIEM tool (analysis of control indicators) Scripting/Development skills: Powershell, C#, JavaScript, Java, SQL, Git, DevOps Knowledge of Microsoft directories: Active Directory, LDAP (ADLDS) Excellent communication, analytical and team spirit skills If you are interested and available, please apply or email (see below) for immediate consideration
04/09/2024
Project-based
RED GLOBAL SOLUTIONS-SAP IDM-REMOTE/SWITZERLAND-ASAP-6MONTHS+ RED, on behalf of a Key Client Partner, is currently searching for SAP IDM Consultant to join a project delivering to an end user based in Switzerland. Role: SAP IDM Start: ASAP Location: Remote with limited on-site in Switzerland, Geneva Capacity: Full time End: 6months + extension Language: English (French is a plus) Responsibilities; Ensure the maintenance of the SAP IDM solution taking into account the management architecture of our identities in our existing IAM ecosystem and the infrastructure of our SAP systems Maintain the SAP IDM solution (server configuration, network flows, knowledge of the necessary versions and service packs, prerequisites, etc.) Ensure the quality of identity propagation and the operation of automatic SAP access rules between the authoritative source, SAP IDM and SAP system targets Develop and evolve control rules taking into account the level of risk Participate in developments in the IAM ecosystem impacting SAP systems in collaboration with IAM engineers Apply the OSS or Support Package notes required for security monitoring Review and correct developments to ensure good development practices, usage and quality of reconciliations Skills; SAP IDM V8.0 expertise and good mastery of development using the Java language Significant experience in the field of IAM, mastery of the principles and knowledge of the tools known on the market Knowledge in SAP - Account management, roles and system administration Knowledge of different connector integration protocols (SOAP, REST, SCIM) Knowledge of cybersecurity aspects and use of a SIEM tool (analysis of control indicators) Scripting/Development skills: Powershell, C#, JavaScript, Java, SQL, Git, DevOps Knowledge of Microsoft directories: Active Directory, LDAP (ADLDS) Excellent communication, analytical and team spirit skills If you are interested and available, please apply or email (see below) for immediate consideration
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
03/09/2024
Project-based
Long term contract role - remote rate is around $115 c2c CYBERSECURITY ENGINEER/ARCHITECT Must have very clear communication skills Mandatory Technical Skills: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of IAM controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Additional Technical Skills: Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Desired Skills: Architecture Skills The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
Request Technology - Craig Johnson
San Francisco, California
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
03/09/2024
Project-based
*We are unable to sponsor for this 6+ month straight contract role, no 3rd party candidates will be considered* Prestigious Enterprise Company is currently seeking a Cyber Security Infrastructure Engineer and Architect with Azure experience. Candidate will be responsible for the planning, development and implementation of enterprise information security solutions (such as authentication and authorization, public key infrastructure, data loss prevention, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Researches, designs, and develops new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Cloud Security: Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning Qualifications: Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of common data protection technologies such as cryptography, tokenization, and hashing Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks Preferred Skills: The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications ability to lead the exercise of collecting the required data to produce the deliverables Ability to articulate the requirements in technical and non technical language Ability to defend secure design and support it with real life scenarios Ability to articulate the risk and findings in business language Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
03/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: CHICAGO Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
03/09/2024
Full time
Security Engineering - PAM - Secrets SALARY: $150K - $160K plus 15% bonus LOCATION: DALLAS Secrets and privileged access management hardware security modules HSMs integrating secrets management PKI sessions management python ansible terraform and YAML HSMS MS PKI Hashicorp vault CyberArk AIM PSMP PVWA CPM vault leveraging APIs cryptographic operations As a member of the Secrets and Privileged Access Management team you are responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Primary Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. Education and/or Experience: 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
*Fully remote position* *Long Term Contract* A prestigious company is looking for a Cybersecurity Design Engineer/Architect. This person will focus on enterprise cybersecurity infrastructure and have a good understanding of application cybersecurity. This engineer/architect will primarily focus on Cloud migration, Citrix cloud, SDWAN security, VPN, Github security, MS Power platform, and MS co-pilot. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Technical Skills Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization Security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning
21/08/2024
Project-based
*Fully remote position* *Long Term Contract* A prestigious company is looking for a Cybersecurity Design Engineer/Architect. This person will focus on enterprise cybersecurity infrastructure and have a good understanding of application cybersecurity. This engineer/architect will primarily focus on Cloud migration, Citrix cloud, SDWAN security, VPN, Github security, MS Power platform, and MS co-pilot. Responsibilities: Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions. Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture. Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements. Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks. Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices. Technical Skills Strong knowledge of network security protocols, best practices, and perimeter security tools Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management Understanding of Azure native security services and best practices Strong knowledge of threat modelling and risk assessment technologies or frameworks The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications Explain vulnerabilities and threats Threat modelling Recent attacks Application Security Focus Areas Secure Code Development Secure SDLC Secure Agile development Testing Security requirements Writing security stories Web Application Security Owasp 10 SAST and DAST Scan API Security CI/CD pipeline Integrate security tools Security testing Cloud Security Focus Area Shared Responsibility model Secure services in the cloud Infrastructure security in the cloud Secure boundaries Authentication & Authorization Security services in the Cloud Cloud Native VS Third party security capabilities Container Security Container security life cycle Image scanning