- Specifying and negotiating application security requirements on projects, reviewing current policies and procedures for applicability, and security patch levels
- Cloud Security including, but not limited to, Networking, IAM, Encryption-related Services
- Architect, Design, Build and deploy data, application and infrastructure security solutions in AWS, other Cloud environments, such as, Azure, GCP will be an advantage
- Identity Management and Federation with implementation experience over a range of technologies, including Active Directory, OKTA, PingIdentity, AWS SSO
- Software Security Integration with developer build tools such as, GitlabCI, Github Actions, AWS CodeBuild, GCP CloudBuild, Buildkite, etc
- Provides compliance assurance and definition for security processes, including and not limited to SOC / ISO / APRA / ISM / PCI-DSS
- Vulnerability assessments, SAST, DAST, SCA, and passive scanning
- Conduct Security Review Processes for:
- Security Architecture and Design
- Secure Coding
- Security Testing
- Deploy, manage and security review infrastructure as a code, including and not limited to Terraform plans, Kubernetes manifests, REGO policies
- Mediate communications and coordinate tasks between security and engineering teams
- Willingness to continually upskill; including learning new technologies and obtaining new certifications
- Good written & verbal communication skills, including strong stakeholder management, presentation and communication skills
- Bring a positive can-do attitude to the team, with a developer-friendly problem solving orientation (shifting security left)
- Bonus: at least one or more of: Python or Golang
Company
Location
Sydney - Australia
Job type
Full-Time
Golang Job Details
At CMD, we have three mantras; Automate, Innovate and Transform. This drives our passion to deliver advanced and sophisticated AWS Data solutions to our clients. We harness the power of AWS, to deliver infrastructure as code, in a pure DevSecOps, CI/CD methodology to build innovative solutions for our clients.
What you'll be doing:
This position will have a wide remit, covering client engagements, delivery of solutions, strong background in Data and Application Security, development of identity and access management, privacy and data protection, application security, governance, risk management and compliance, server security, and threat & vulnerability management process and policy, and a proven ability to integrate and configure security tools into new or existing software delivery pipelines.
The types of projects include:
What you'll need to be successful:
#LI-DNI
More Developer Job Boards
Fullstack Developer Jobs Golang Jobs JavaScript Jobs Python Jobs React Jobs Rust Jobs Java Jobs