DevOps Engineer - SecurityHitachi
4 Years Salary not disclosed Your Profile matches the job
Posted: 3 Months ago
Hitachi Vantara, a wholly-owned subsidiary of Hitachi, Ltd., guides our customers from what's now to what's next by solving their digital challenges. Working alongside each customer, we apply our unmatched industrial and digital capabilities to their data and applications to benefit both business and society. More than 80% of the Fortune 100 trust Hitachi Vantara to help them develop new revenue streams, unlock competitive advantages, lower costs, enhance customer experiences, and deliver social and environmental value.
We are seeking DevSecOps Engineer-
Role - DevSecOps Engineer
Total Experience - 6-10 Year
Location - Hyderabad
The Senior Security Engineer is expected to be strong in multiple domains and provide significant leadership and contribution to the HV Product Security and Compliance team under the Sr. Director of Engineering Operations - Security and Compliance Unit. You are responsible for validating that HV products are designed and implemented to the highest security standards. You will be responsible for providing leadership for implementation of DevSecOps environment and the implementation of Secure Software Development Lifecycle (SSDLC) integration with the CI/CD pipelines for the product portfolio. You will work with multiple engineering teams to implement robust SSDLC practices., which requires interactions with other Product Security team members, as well as Development, Support, System admins, Engineering, System Administration, DBA's, and Networking team members, as well as Business Owners of applications.
You are expected to develop solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. A successful candidate will need a combination of technical, application, troubleshooting and communication skills, in addition to the ability to handle a mix of diverse tasks including evaluating, implementing and improving processes of Software Composition Analysis (SCA),Dynamic Application Security Testing (DAST),Static Application Security Testing (SAST) and manual penetration testing. This successful candidate is responsible for enabling and facilitating the engineering teams to implement automation of the security assessments, identify vulnerabilities, assess their risk, work with developers, QA analysts, application business owners, and others to identify, validate, remediate, or mitigate the risk of these vulnerabilities.
The ideal candidate has experience with both application development as well as information security concepts, is an effective communicator, and documents and produces report effectively. Experience in a similar role is preferred. She or he must work well in dynamic and often informal teams. She or he should also be able to coordinate disparate priorities and constraints on development teams, manage different personalities, and maintain objectivity and a strong understanding that security is just one of the business-s activities.
â€¢ Enterprise and Cloud Security Planning - Work closely with Operations, IT, Product, and Engineering leadership to scope, execute, and complete programs related to public cloud, private cloud and corporate security
â€¢ Thorough knowledge of Application Security Vulnerability, Intellectual Property Audit and Export Control functions.
â€¢ Develop measurements and metrics for security performance
â€¢ An understanding of web services, applications, applied cryptography, and penetration testing
â€¢ An understanding of network and web related protocols (such as TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
â€¢ Demonstrable teamwork skills and resourcefulness
â€¢ Strong sense of ownership, urgency, and drive
â€¢ Sharp analytical abilities and proven design skills
â€¢ Experience in a manual application assessment, including Software Composition Analysis (SCA),Dynamic Application Security Testing (DAST),Static Application Security Testing (SAST)
â€¢ Application scanning tools (AppSpider, Acunetix, Arachni, and others)
â€¢ Dynamic App Analysis tools (IBM AppScan, Burp, Zaproxy and others)
â€¢ Static Analysis tools (IBM ASoC, IBM AppScan, Fortify, Veracode and Checkmarx, and others)
â€¢ Security vulnerability aggregator/correlators (CodeDX, Threadfix, and others)
â€¢ DevOps or System Administration experience
â€¢ An ability to script or customize attack code as needed is a plus
â€¢ Ability to assist in the review of security events to evaluate the risk they present is a plus
â€¢ Guide the implementation of automation of SSDLC and integration into the CI/CD pipeline for products in the portfolio
â€¢ Assess and recommend implementation references for the product teams for a variety of technology stacks and enable the successful implementation of DevSecOps across the product portfolio.
â€¢ Ability to manually validate scan results to remove false positives, redundant, or duplicate data as well as to test for additional classes of vulnerabilities scanners can't report is a plus
â€¢ Provide timely and detailed reports, with proofs of findings, analysis of risk, and remediation advise and instructions
â€¢ Meet with the product engineering, server, and network teams to discuss vulnerability remediation. The technical ability to review the source code and provide examples of how to fix vulnerabilities, and/or to give clear instructions including commands to app teams is preferred
â€¢ Provide timely rescans and tests for potential new vectors to teams working to resolve vulnerabilities
â€¢ Utilize a ticketing system to report standard vulnerabilities and work with teams to ensure they are resolved
â€¢ Preferred candidates 5 + years of technical experience in the fields of secure application development, or cybersecurity operations
â€¢ Must be able to work independently and in a team environment
â€¢ Knowledge of OWASP Top 10 and SANS Top 25 Software Weaknesses
â€¢ Certification and/or training in Application Vulnerability Assessment, Pen Testing and Software Composition Analysis.
â€¢ Recognized industry level security certification such as CISSP, CSSLP, CEH, GWAPT, GSEC, GCIA, GPEN, CGWN, CXPN, or PWK, highly desirable
â€¢ Analyze, understand, and provide remediation plans for active threats and vulnerabilities.
â€¢ Automation mindset with scripting ability (e.g. Python, Bash, Java others) to develop an automation for the generation of benchmark and best practices
â€¢ Capable of describing the necessary concepts, technologies, and functionality using the right vocabulary at the right level of abstraction
â€¢ Comfortable with complex undocumented requirements and independent task research
â€¢ Professional, organized, and independent
â€¢ Reliable, self-motivated, and flexible individual who can collaborate well in a fast-paced environment
â€¢ Able to meet deadlines related to scheduled content updates, content changes for immediate release to customers and prospects, and software release dates
â€¢ Experience working with remote subject matter experts
â€¢ Excellent written and verbal communication skills in a team environment
â€¢ 5+ years of experience in application security
â€¢ 4-year college degree in Computer Science, Technical Communication, or related discipline
Skills: DevOps Engineer - Security
Experience: 6.00-10.00 Years
Hiring Process Face to Face Interview
Teamlease does not charge any kind of payment for a job.
How to get a Job early? Follow these tips
1.The more the Jobs you apply, the higher your chances of getting a job.
2. Keep your profile updated Update
Recruiters prefer candidates with complete profile information.
3. Keep visiting the Teamlease.com daily
Daily visit will ensure you won’t miss out on any Job opportunity.
4. Watch videos to improve Watch videos
Be a better candidate than others by watching these Job-related videos.
Hitachi recruiting DevOps Engineer - Security Experienced(4 Years) candidates candidates nearby Hyderabad,.Hitachi vacancies for DevOps Engineer - Security is recruited through Written-test, Face to Face Interview etc.
Hitachi Company recruits a lot of Experienced(4 Years) candidates candidates every year based on the skills . The candidates with BE/B.Tech
are selected to full fill the vacancies in Engineer
job field. The candidates nearby Hyderabad, can apply for DevOps Engineer - Security position in Hitachi. All candidates should have a degree or post-graduation in the required field based on the requirement mentioned. The jobs are available in Full Time basis. When it comes to the Hitachi recruitment, candidates are mostly chosen for the department of Engineer
. To learn more about the current jobs and other details, it is better to go through official site of Hitachi and Teamlease.com. Find the latest jobs near you and near your home. So, that you don’t need to relocate. The Teamlease.com is a leading employment portal that researches the official site of Hitachi and provides all the details about the current vacancies, the application process, selection process, interview test details, important dates and other information. Search and apply for the top job positions in Hitachi and near your city and get a secured career.
Jobs By Roles Jobs By Cities