Lead Application Security Engineer ( DevSecOps)
Newark, California, United States
Applications have closed
Lucid Motors
With extraordinary design, performance, range, convenience, and utility, Lucid Gravity is the future of sustainable mobility, reimagining the luxury electric SUV.Roles and Responsibilities:
- Design, implement, and maintain infrastructure as code solutions for managing and protecting cloud resources, ensuring scalability, resilience and security
- Contribute to the security hardening efforts and producing sensible baseline configurations for all key Lucid Motors’ systems
- Lead the application security processes including managing the existing security tools in the CI/CD pipelines, reviewing proposed project architectures, initial threat modeling, triage of the identified application security defects and the suggested fixes
- Work closely with the development teams to promote best application security practices
- Work closely with the infrastructure and the DevOps teams to ensure consistent implementation of the security standards including the remediation of the identified gaps in the security posture
- Contribute to the bug bounty triage and remediation processes
Minimum Qualifications:
- Bachelor's degree in computer science, Information Technology, or a related technical area
- 5+ years proven experience in DevOps, SRE, managing software service operations or related role
- 3+ years of experience in cloud environments. (AWS preferred)
- Proficient in Bash, Powershell or other scripting languages.
- Familiar with the Infrastructure as Code and “desired state” concepts including tools such as Terraform, Salt, Chef, Puppet etc
- Knowledge of common attack vectors including OWASP Top 10
- Experience in automating build and deployment infrastructure built on Kubernetes, Docker etc.
- Experience in python programming or other shell scripting language
- Experience with CI/CD tools (e.g., Jenkins, CircleCI) and version control systems (e.g., git)
- Excellent problem-solving and communication skills
Preferred Qualifications:
- In-depth knowledge of containerization technologies (Docker), orchestration (Kubernetes) and infrastructure as code (Terraform)
- Proficiency in deploying, monitoring, and scaling containerized applications on AWS using EKS, ensuring high availability and performance
- Proficiency in application security assessments, penetration testing, red team, purple team
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Bash CI/CD CircleCI Cloud Computer Science DevOps DevSecOps Docker Kubernetes Monitoring OWASP Pentesting PowerShell Privacy Puppet Python Red team Scripting Security assessment Terraform
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs