Vaco · 2 days ago
Senior Information Security Engineer
Wonder how qualified you are to the job?
Insider Connection @Vaco
Responsibilities
Collaborate with Platform Engineering and Software Development teams to plan and implement security initiatives.
Contribute to strategic planning, make impactful recommendations, and implement improvements to security posture.
Enhance security of product features, design and implement security controls, and respond promptly to security breaches.
Monitor and analyze security events, integrate security best practices throughout the software development lifecycle, and develop strategies to mitigate vulnerabilities.
Train developers, raise security awareness, respond to security threats, assess threat levels, and maintain compliance with industry standards.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Over five years of relevant experience
Strong understanding of security best practices for building web applications
Knowledge of cryptography, authentication, authorization, secrets management, data security, web technologies, and cloud security
Hands-on experience with security testing tools such as Burp Suite and OWASP ZAP
Experience with secure coding practices and security frameworks like OWASP, NIST, and CIS
Experience building, supporting, and securing cloud-based web infrastructure using AWS and/or Azure
Understanding of software engineering, deployments (CI/CD pipelines, SCM)
Ability to conduct security assessments of applications
Deep understanding of web application infrastructure, particularly .NET and JavaScript
Experience in DevSecOps with a tech stack that includes Git, Docker, Windows, Linux, Datadog, SIEM, AWS Security products, Lambda, PowerShell, and Terraform
General security mindset and experience in being responsible for AppSec and cloud security
Ability to guide developers in understanding and prioritizing security elements in the SDLC
Monitoring security adoption and adherence in development
Understanding of how to secure IaaC and CICD
Company
Vaco
The speed of change requires the talent of people. Vaco solves for both.
Funding
Current Stage
Late StageTotal Funding
unknown2017-11-12Acquired· by Olympus Partners
Recent News
Cincinnati Business Courier
2022-05-05
Company data provided by crunchbase