Do you have one foot planted in the security realm, the other in DevOps automation, and the third in the AWS cloud? When someone mentions an AWS service, is the first thing you think about threat models and mitigation? Do you cringe when you see someone uses the AWS console for anything other than perusing resources?
If so, Verizon is looking for Cloud Security Developers as part of our “Public Cloud First” Journey. If you don’t understand how anyone can consider DevOps automation and security as anything but inseparable, you may be just the individual we are looking for.
At Verizon, we’re seeking highly technical cloud computing security experts with whom DevOps automation is second nature, to work on enabling a secure foundation for hosting critical workloads in AWS. Our Cloud Security Developers will work with our application developers to bring the most secure cloud platform to bear on their problems through automated, repeatable processes.
While you must be able to communicate effectively with our customers to help them understand security issues and solutions as well as continuous delivery/Cloud concepts, this is very much a “hands-on” role. You will be expected to be at home creating automated solutions with CloudFormation, Ansible, Jenkins and other DevOps tools. While effective and articulate communication is essential, being able to breathe life into those ideas with code is equally critical.
- Develop Security Code and Templates across Security Epics/Pillars with specialization in one of the security Epics – IAM, Data Protection, Logging and Monitoring, CICD Security, and Compliance/Vulnerability Analysis.Build Cloudformation Template Library for Security Services such as Encryption, Security Groups, WAF, Logging and Monitoring, Remediation, Identity and Access Mgmt etc.
- Write Code for Detective and Reactive Control Areas such as Security Logging, Monitoring, and Remediation. Perform Security Health Checks in the Public Cloud environment and develop code to address recurring issues. Develop detective and responsive controls using tools such as CloudWatch, Splunk, and Lambda. Perform Security Healthchecks using native AWS tools such as Trusted Advisor, Inspector;
- Implement and support third party AWS ecosystem tools. Examples include Dome 9 - Network Security, TwistLock - Container Security, Cloud Custodian - Compliance, Evident.IO - Compliance etc.
- Develop Test Automation for all Security APIs. Use Jenkins, Open Source Tools like CFNNAG, Security Test Automation Tools like ServerSpec, Inspec,to develop a CICD Security Testing Pipeline. Harden the CICD Security Testing Pipeline to ensure that security controls are implemented for Jenkins, Ansible, Stash etc.
- Leverage DevOps Tool Chain to maintain source code repository, continous integration and deployment pipelines, test automation , and monitoring infrastructure. Adopt and evangelize Agile practices and tools such as JIRA to deliver iterative working software.
- Bachelor’s degree or six or more years of work experience.
- Six or more years of relevant work experience.
- Software development or infrastructure experience.
Ideally, you’ll also have
Not to boast, but a little bit about us
Verizon powers America’s fastest and most reliable network. We’re also leading the way in cloud and security solutions, Internet of Things and video entertainment. Technology moves fast and so do we. We believe that bringing great ideas and customer experiences to life should be recognized and rewarded. Whether you think in code, words, pictures or numbers, find your future at Verizon.
Equal Employment Opportunity
We're proud to be an equal opportunity employer - and celebrate our employees' differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Click here for more info: http://www.verizon.com/about/work/jobs/6651007-cloud-security-developer