Information Security Specialist

About The Position

Requirements

• Typically requires 3-6 years of relevant experience.
• Bachelor's Degree in Technology, Engineering, Computer Science, Information Systems, Cybersecurity or other related field or equivalent work experience.
• Strong competence in cloud technologies such as AWS, Azure, and other platforms.
• Expert understanding of DevSecOps practices, frameworks, and tools.
• Expertise with tool integration for the DevOps pipeline such as Git.
• Combines and organizes information into meaningful patterns; identifies underlying relationships, causes and effects; and combines pieces of information to form conclusions or general rules.
• Rapidly acquires new knowledge and learns new skills, and practices agile methodologies to planning and accomplishing work.
• Conveys complex and technical issues to diverse audiences.
• Technical expertise in security tools and knowledge of security practices and procedures.
• A learning mindset, proactiveness, collaboration, and strong attention to detail.

Nice To Haves

• Demonstrated competencies with artificial intelligence are beneficial.
• Working knowledge of Terraform, Ansible, Cloud Formations, AWS Config, AWS Inspector, Guard Duty and others.
• Strong knowledge of software development languages, tools and techniques such as Python, JSON, YAML, and Java

Responsibilities

• Interpret and evaluate policies in order to mature and implement the DevSecOps program.
• Assess maturity of development teams’ DevSecOps practices against an existing framework.
• Proactively advocate for and drive enhancements into the program.
• Identify gaps/opportunities for enhancements to workflows and processes for enhancing the software development lifecycle (SDLC).
• Implement and consults on secure continuous integration and continuous delivery (CI/CD) pipelines, evaluating code and/or applications, or creating code to facilitate the process.
• Monitors information security policy compliance using security tooling.
• Evaluate and implement security products and/or processes to enhance productivity and effectiveness for various platforms and initiatives.
• Provide technical expertise and support to internal teams on security-related matters.
• Collaborate with cross-functional teams to integrate security measures into existing software applications and infrastructure.
• Stay current with emerging technologies, industry trends, and best practices in cybersecurity to enhance our security posture.
• Support leadership decision making through timely analysis and written communications.