JOB TITLE: Sr Site Reliability Engineer (Sr. SRE)
Contract to hire
Job summary: This position’s primary function is to build infrastructures code, software services (PaaS and SaaS) including security policies in Microsoft Azure and AWS.
Expert experience and knowledge in the following areas:
- Product knowledge and understanding of product features for both AWS and Azure
- Implementing and operation the cloud platform for both AWS and Azure
- Project experience implementing core infrastructure, networking and cloud-based service
- Experience in creating cloud cost models and running cloud readiness assessments
- Coding and scripting experience – e.g. Powershell, Bash, Python or equivalent
- Configuration Management tools – e.g. Ansible, Puppet, Chef or equivalents.
- Hands-on experience of Linux and Windows server including support and troubleshooting.
- Cloud Architecture and system design to solve key business problems and facilitate team goals.
- Hands-on experience performing application static/dynamic security and penetration assessment with tools such as – SonarQube, CheckMarx, AppScan, BurpSuite, OWASP ZAP Proxy, WebInspect, Fortify, Veracode, Nessus etc.
- Knowledge of OWASP Top 10/ SANS Top 25, identify vulnerabilities via manual and automated testing methods and how to effectively remediate vulnerabilities associated with each. Ability to recognize and escalate Security issues
- Exposure to application security testing (source code review and web/mobile application penetration tests)
- Good understanding of defensive, corrective and detective controls and requirements
- Familiarity with different types of security vulnerabilities and tools for countermeasure
- The candidate should be well versed in Information security principles at an Intermediate level
- Previous Analytic and troubleshooting experience is required
- Use of orchestration tools such as Terraform, Ansible or CloudFormation
- Experience migrating application from on-premises to public cloud.
- Experience with Blue-Green deployment methodologies.
- Continuous Integration/Delivery tools - e.g Gitlab or Jenkins.
- Experience working with containerised workloads such as Docker and Kuebernetes.
- Experience with Log Management tools e.g – Elastic Stack, Graylog or Splunk
- Experience working with an enterprise RDBMS such as MySQL and/or Microsoft SQL Server.
- Knowledge of change control and associated procedures.
- Use of Secret Management services e.g - Hashicorp Vault
- Experience with any high-level programming language.
- Excellent oral and written communication skills.
- Ability to act as a point of expertise, advise others in the team on best practise and impart knowledge.
- Strong and enthusiastic technologist, able to demonstrate a broad technical knowledge
- The candidate must demonstrate an ability to work across departments
Experience & Education
- 5+ years experience and proven background working in a technical, Cyber Security related position.
- BSc Engineering/Computer Science/IT Security or relevant experience.
- Desirable – AWS / Azure Security Control Experience
- Industry certification such as CSSP, AWS Certified Security, CSSLP desirable