Senior IT Security & Infrastructure Expert

JOB DESCRIPTION: ESS Security & Infrastructure Operations team, this senior level IT Security will support the team by leading major security initiatives, implementations, and integrations. Additionally, the resource will drive application and infrastructure security within multiple platforms to minimize application vulnerabilities and application risk: •Safeguard software applications from potential threats and breaches •Bridge between security and development, ensuring that applications are designed, developed, and deployed in a secure manner •Identifying and fixing security vulnerabilities •Proactively identifying potential security risks, developing mitigation strategies, and ensuring that security measures are incorporated right from the beginning of the application development process •Automating security: automating scans, code verification, and other security processes •Developing security protocols: Designing and implementing security best practices for application development, deployment, and operations •Monitoring security: Monitoring system health and performance, security alerts, and events •Responding to incidents: Responding to incidents promptly and performing root cause analysis •Ensuring compliance: Ensuring compliance with industry standards and regulations •Maintaining security policies: Maintaining and improving security policies, procedures, and documentation •Responsible for integrating security tools and processes into the DevOps pipeline •In the event of a security incident or breach, assist in the response and recovery process; work closely with incident response teams to mitigate the impact of a breach •Overseeing and improving operational processes •Analyze data, troubleshooting issues, and drive continuous improvement initiatives, minimizing downtime, maximizing productivity, and supporting the overall strategic objectives of Programs and Service Areas •Apply technical expertise to ensure that all operational processes are efficient and reliable, working across Programs and Service Areas and various departments within DAS to troubleshoot and resolve complex issues •Analyze performance data, refine procedures, and implement innovative solutions to enhance overall productivity. REQUIRED: 2. Proficiency with security scanning and vulnerability management tools (Qualys, Checkmarx, AutoRabit CodeScan) 4 Years 3. 4. 5. Proficiency with DevOps platforms (Azure DevOps, Copado) 4 Years Proficiency with operating systems (Windows, Linux) 4 Years Experience with administering (security controls and management) Cloud computing platforms (Salesforce) 4 Years 6. Working knowledge of security frameworks and standards (OWASP Top10, SANS 25, NIST SP 800-53, etc.) 4 Years 7. Working knowledge of web application security tools (F5 Web Application Firewall, Cloudflare, AppOmni) 4 Years 8. 9. Working knowledge of SIEM/SOAR tools (Chronicle, Splunk) 4 Years Working knowledge of integration platforms (ServiceNow, MuleSoft, Oracle Integration Cloud, Tibco) 4 Years [login to view URL] Security+ Certification Highly desired 11.CySA+ Certification Highly desired [login to view URL] Certification Highly desired [login to view URL] Certification Highly desired [login to view URL] with scripting and programming languages (Python, Power Shell,.Net) Nice to have [login to view URL] with Cybersecurity platforms (CrowdS Nice to have