Lead Governance Risk and Compliance Software Engineer
Location: Roswell, GA
Posted On: 07/22/2021
Requirement Code: 48205
- MUST have experience in developing and building security applications
- Hands-on technical experience building or remediating security vulnerabilities
- Experience in AWS or other cloud platform
- Should have PCI-Compliance experience
- Experience in the payments industry is a huge plus
- Collaborate with other developers to remediate security vulnerabilities.
- Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders.
- Design, develop and deliver foundational changes in internal cloud platforms to enhance their security posture.
- Utilize automation and engineering skills to ensure compliance requirements are embedded within newly developed applications
- Utilize automation and engineering skills to create 'evidence' or 'proof' for Audit that compliance requirements are being met
Must have:
- Hands-on technical expertise in building security capabilities in code and deploying infrastructure as code
- Strong understanding of container ecosystems (Docker, Kubernetes, etc)
- Database experience with Oracle, SQL Server, PostgreSQL, and others.
- Industry security knowledge of OWASP Top 10, SANS Top 25, PCI DSS.
- Extensive developer experience with source code repositories, Bitbucket a plus
- Experience with collaboration tools, Jira/Confluence a plus.
- CI/CD Tools, Jenkins, Maven and Groovy a plus.
- Knowledge of compliance and regulatory frameworks (PCI, ISO, SOX, SOC 1, SOC 2, HIPAA, GDPR, etc)
- Strong organizational and prioritization skills and a desire to learn
- Highly effective technical communications skills (verbal and written)
- Excellent software design, problem solving and debugging skills
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
- 5+ years of security experience at a large enterprise company or premier consulting firm
- Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
- Functional knowledge of ISMS governance models (e.g., ISO, NIST), information security roles, IT security controls.
- Strong understanding of industry frameworks and best practices (ex. NIST, ISO, CIS, etc.)
- GRCP, CISM, CISSP, PCIP, ISA, or equivalent certifications preferred.