About
The Staff Cyber Security Engineer - DevSecOps will be responsible for designing, implementing, and maintaining security across embedded platforms, cloud-hosted applications, and software services. This role focuses on threat modeling, penetration testing, red-teaming, threat detection, incident response, and automation of security testing within CI/CD pipelines to ensure a strong and resilient security posture. Responsibilities:
Develop and maintain comprehensive threat models across embedded platforms, cloud services, and software applications. Conduct penetration testing and security assessments on embedded platforms and cloud-hosted applications. Perform red-teaming and adversarial testing for AI-powered and machine-learning-based services. Utilize security tools to identify, analyze, validate, and prevent vulnerabilities. nalyze security data across microservices, content delivery networks, data lakes, serverless functions, and databases. Use SIEM tools to correlate security events and detect anomalies. Participate in incident response, root cause analysis, and remediation activities. Develop and maintain incident response playbooks. ssess and mitigate supply chain security risks including open-source libraries. Identify and remediate software security flaws through code reviews and static and dynamic analysis. Develop and implement custom security solutions and automation scripts. Integrate security tools into CI/CD pipelines. Develop and maintain automated dynamic security testing functions. Requirement/Must Have:
Bachelor's degree in Computer Science, Information Technology, or a related field. Extensive experience in cybersecurity within software engineering environments. Expertise in secure API integration design and implementation. Strong knowledge of OWASP Top 10 for web applications and large language models including mitigation techniques. Experience with at least one programming language such as C, C++, Python, Go, JavaScript, TypeScript, or Rust. Proficiency in cloud security, threat detection, data analysis, and incident response. Experience using security tools such as BurpSuite, PyRIT, Garak, MitM, Metasploit, Wireshark, Wiz, and SonarQube. Experience building and automating security tooling for hygiene, analysis, reporting, and intelligence. Strong understanding of microservices, content delivery networks, data lakes, serverless functions, and databases. Familiarity with cloud platforms and DevOps tools. Strong analytical, problem-solving, and communication skills. bility to independently develop and implement security solutions. Experience developing and implementing automated security testing functions. Should Have:
Master's degree in Computer Science or a related field. Cybersecurity certifications such as CompTIA CySA+, CISSP, CHFI, or OSCP. Experience in digital forensics. Experience working in a DevSecOps environment. Qualification And Education:
Bachelor's or Master's degree in Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or a related field.
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.