Experience of security engineering experience, preferably as a generalist with experience spanning security engineering, information security, network security, risk & compliance in a cloud environment for a mission-critical production system
Proven ability to implement and maintain robust information security controls, guidelines, and standards (e.g., OWASP, CSA CCM, CIS 20 Critical Security Controls, SOC 2, NIST) while deploying & managing comprehensive security programs and tools
Proficiency in reading and understanding Python code and Bash scripting with ability to identify security gaps
Like to Have
Experience with manual and automated testing using tools such as Burp Suite and Zap
Understanding of Terraform, CloudFormation / CDK and Jenkins
Knowledge of Linux and docker or Kubernetes systems administration
Experience with various IT governance frameworks and standards like ISO-27000, COBIT, SOX, PCI, and/or HIPAA
