Lead Cloud & Application Security Architect
500 W Main St Louisville, Kentucky 40202
Voca has an immediate opening available for a Lead Cloud & Application Security Architect in Louisville, KY! If you are interested, please forward your resume to Jamie Brough at email@example.com and call him at 952.777.1834. Thanks!
The Lead Application Cloud Security Engineer will lead, consult and recommend solutions on matters relating to Cloud Application Security within IT Solutions Engineering. This role will be responsible for the definition and design of the cloud security solutions and cloud-based architecture (Iaas/PaaS/SaaS). This is a role focused on automation, process and necessary tools to support Secure SDLC for the company's fast-paced application development environment and technology operations. The role requires a grasp of application security principles and practices and a background working in an application development and coding environment within a large enterprise.
- Build a very close working relationship with DevOps, cloud engineering, application development and QA teams.
- Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments
- Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
- Participate in designing IT and Cloud security strategy, system security controls and secure configuration.
- Creating security policies and standards around Cloud Security, Container Security, Configuration Management, Infrastructure as Code.
- Researching new security technologies and their application to the corporate and cloud environment
- Ensuring all acquired or developed systems are consistent with the solution engineering and security architecture guidelines
- Assess new and existing cloud implementations, identifying security issues, misconfigurations and prioritizing fixes/remediation
- Defining and documenting how the implementation of a new system or interface impacts the security posture of the current environment
- Help define and implement cloud security process, automation and tools to feed DevSecOps processes
- Performing security reviews, identifying gaps in security architecture and design
Bachelor’s Degree in Information Technology, Computer Science or a related field
Six+ years of experience designing, developing, and testing of software applications and/or infrastructure
Strong experience with cloud security strategy, cloud provider ecosystems (Amazon AWS, Microsoft Azure, Google Cloud Platform)
- Experience in developing secure code and application security standards
- Experience conducting application security testing and source-code reviews
- Experience with risk-based testing and/or manual assessment
- MBA or Advanced Degree
- Minimum one year experience testing in cloud development and design infrastructure.
- Experience with functional, integration, security, and performance testing cloud applications.
- Experience with various types of performance testing strategies in the cloud.
- Experience with validation of SaaS/cloud service functions and end-end functionalities of an application.
- Experience with validation of cloud migration testing.
- Experience with enterprise level application integration between SaaS/cloud and legacy systems.
- Experience with test automation over the cloud.
- Solid knowledge and understanding of cloud platforms.
- Experience in the Healthcare Industry
- Experience with technology solutions assessments and/or strategy planning oversight
- Demonstrated ability to run large initiatives that drive Quality Strategy.
- Six Sigma certification
- ITIL certification
- ISTQB Certification
- DevOps Certification
- Scrum Master Certification
- Experience with Azure DevOps and CI/CD
- Experience with qTest, Selenium, Perfecto, or other Test Management and Test Automation tools.
Voca: The Spirit of Work