Reference # 19-00364 Title Digital Hub Security Engineer
Location Glendale, ARIZONA
Position Type Contract
Experience Level Contract
Start Date / End Date 05-06-2019 --- 30-11--0001
Description
Duties
Performed vulnerability assessments and/or penetration testing against web applications and host systems Performed static code analysis against various code basis using automated tools (e.g., SonarQube, Client Fortify) Managed and engineered security tests in CI/CD automated pipelines (e.g., Concourse, Jenkins) Provided advisory services in risk assessments, analysis, acceptance and threat modeling as necessary to meet business and IT demands Collaborated with developer organizations and application teams to design and develop secure application solutions Provided architecture reviews of products and services Provisioned and supported cloud user and service accounts Monitored accounts and resources in the cloud; identification and remediation of non-compliant configurations Defined and implemented security policies related to access of cloud resources Experience with administration of cloud data storage and computing solutions (e.g., AWS) Created automated metrics to measure security deficiencies Performed threat modeling and design reviews to assess security implications and requirements for introduction of new technologies. Source Control Expertise across Organizations (e.g., GitHub) Container experience and container orchestration experience (e.g., Docker)

Skills
Experience with managing software vulnerabilities and remediation
Experience in operation and configuration of both Windows and Linux systems Integrated Governance Risk and Compliance practices into existing IT entities and their policies and procedures to ensure compliance and reduce risk factors Some Programming skills (e.g., Python, Java) Agile/SCRUM experience Certification(s) in industry-adopted security expertise areas such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA); one or all are preferred

* Mobile Security testing (iOS and Android) individual needs to have some background in mobile application security testing as well*

Education
Bachelor degree in related field