Security Software Engineer

Tech Firefly is teaming up with a credit card company to hire a Security Software Engineer. If you are experienced with these skills please apply today!

Position Type: Contract W2

Location: Atlanta, GA or Phoenix, AZ (Hybrid on-site)

Responsibilities

• Deliver Cloud Security Engineering functions intended to establish security code elements across private and public multi-cloud
• Provide security and engineering expertise and guidance to the Cloud Programs, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Policy as Code (PaC).
• Collaborate with enterprise architects and SMEs to deliver complete security architecture solutions.
• Design and deliver Container security requirements and guardrails across VMs, Containers, CNI, CSI, and Mesh
• Identify exciting opportunities for adopting new technologies to solve existing needs and predicting future challenges.
• Present key security ideas to various audiences (technical and non-technical), in an effective manner.

Requirements

• 3 years of experience in Information Security roles.
• 2 years of experience with OpenShift or Kubernetes cluster administration or Kubernetes security solution implementation.
• Experience with Docker, Open Container Initiative (OCI), or similar containerization platforms.
• Experience in defining Rego policies for enforcement through Open Policy Agent (OPA) Gatekeeper.
• Proven ability to read and critique source code, including Terraform and either Python or Go.
• Experience building and consuming REST or GraphQL APIs using Python or Go is preferred.
• Experience in applying Security Principles to Kubernetes or OpenShift clusters and container workloads.
• 2+ years of experience utilizing Git, GitOps and various Git workflows.
• Experience with pull-based GitOps via ArgoCD to manage cluster deployments and workloads as code.
• Experience working with GitHub Actions or Jenkins Pipelines.
• Understanding of Cloud Fundamentals, including securing public cloud with data protection controls.
• Experience performing validation and verification of configurations in a cloud environment.
• Knowledge of security configuration management, container security, endpoint security and secrets management as they are applied to cloud applications.
• Knowledge of network architecture, proxy infrastructure, and programs to support network access and enablement.
• Understanding of multiple Information Security domains, such as Identity & Access Management, Infrastructure Vulnerability Management, Network Security, Data Loss Prevention, End User Security, etc.
• Experience in defining resources configurations using Terraform or Helm.
• Understanding of DevOps and DevSecOps principles

Educational Requirements:

• Bachelor’s Degree in Computer Science, Software Engineering, Electric Computer Engineering (ECE) or equivalent information security degree.
• Certified Kubernetes Administrator (CKA) or equivalent work experience.
• Certified Kubernetes Security Specialist (CKS) preferred.
• Other Information Security or Cloud Certifications preferred, such as CISSP, CISM, CCSP.