Senior DevSeOps - 21653 Outstaffing

- Dealing with implementing security in every phase of SDLC and participating in security audits and security risk assessments.

- Edit process documentation (for internal use as well as publication) for comprehensive risk analysis and information security service offerings

- Validating the false positives and reporting the issue

- Review technical standards and procedures and makes recommendations for improvement in alignment with policy and best security practices

- Tools and Technologies: SonarQube , Gitlab CI/CD , Amazon AWS , Jira , Docker , Terraform , ELK, Linux , Wazuh

- Perform network penetration, web and mobile application testing, source code reviews, threat analysis, wireless network assessments, and social-engineering assessments

- Develop comprehensive and accurate reports and presentations for both technical and executive audiences

- Effectively communicate findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel

- Develop scripts, tools, or methodologies to enhance company red teaming processes

- Assist with scoping prospective engagements, leading engagements from kickoff through remediation, and mentoring less experienced staff

- Tools and Technologies: AWS EC2 , Nessus Professional , Shodan , Nmap , Gophish , CobaltStrike , Metasploit , RedELK , Wireshark , Kali Linux , Windows and etc.

- Lead strategic planning efforts for the IT discipline, ensuring that IT programs and initiatives align to company-wide business objectives and strategies

Providing technical leadership at the enterprise level and serve an integral role in operations and business development

- Making technology-related recommendations supported by data for policy adoption that includes analysis of current regulatory actions, technological innovations, and fiduciary considerations.

- Leading your team in identifying, comparing, selecting, and implementing technology solutions and partnerships to meet current and future needs

- Software systems design - Deep understanding of interconnected systems and the cost, performance, and strategic implications of making particular architecture choices

- Tools and Technologies: Jira , Nmap , Nikto , SolarWinds Security Event Manager Wireshark , Nessus Professional , Acunetix , BurpSuite , SonarQube , OpenVAS , Kali Linux , AWS

- Pentesting software systems, network and data centers

- Search for vulnerabilities and risks in hardware and software

- Establish improvements for existing security services, including hardware, software, and policies

Configuring rules and maintaining Palo Alto Firewalls & Analysis of firewall logs

- Debugging and investigating web application.

- Tools and Technologies: Nmap , Nikto , Jira , SolarWinds Security Event Manager Wireshark , Nessus Professional , Acunetix , BurpSuite , AWS , SonarQube , OpenVAS , Kali Linux

- Develop and deploy application and security components for new lab projects using shared web hosting, virtualized cloud computing providers, and collocated servers

- Create and maintain ad-hoc application environments for the team

- Monitor the health of the production and QA environments

Troubleshoot and debug build issues, with a willingness to resolve problems

- Work with internal research team to setup and maintain Dev, QA and Production environments

- Tools and Technologies: OpenStack, KVM , Git/Stash , Jenkins, Gitlab CI/CD , Apache, Tomcat, nginx, EC2/AWS , Kubernetes , Terraform , Docker , OWASP Zed Attack Proxy , JBoss Data Virtualization , Jira

- Manage information technology and computer systems

- Manage IT staff by recruiting, training and coaching employees, communicating job expectations and appraising their performance

- Design, develop, implement and coordinate systems, policies and procedures

- Act in alignment with user needs and system functionality to contribute to organizational policy Preserve assets, information security and control structures

- Tools and Technologies: Intuit QuickBase , TeamViewer , Lansweeper , Basecamp , Active Directory, ManageEngine , InvGate Service Desk , Forcepoint DLP Endpoint

- Design and implement web applications that use the Laravel framework

- Implement server side logic to process front inputs.

- Ensure all inputs going to a database have been parameterized

Ensure the appropriate security standards have been implemented

- Ensure you've written unit test cases to verify code is performing as expected and to prevent possibly security breaches

- Tools and Technologies: HTML, CSS, Javascript, AJAX , jQuery , PHPStorm , Bitbucket , Laravel Debugbar , Entrust , Laravel Tinker , Socialite

- Enhance application for maximum speed and scalability

- Develop new user facing features

- Bridge the gap between graphic design and technical implementation

- Translate UI/UX design wireframes to actual code Experience in common third-party APIs (Google, Facebook, Ebay etc)

- Demonstrable knowledge of web technologies including HTML, CSS, Javascript, AJAX etc

- Troubleshoot, test and maintain the core product software and databases to ensure strong optimization and functionality

- Tools and Technologies: HTML, CSS, Javascript, AJAX , jQuery , HTML5 Boilerplate , Bootstrap, AWS Cloud9 , npm , TypeScript , Vertrigo Server , Netbeans