Security Engineer

Oversee the operational use and effectiveness of application security tools, Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA).

Collaborate with development and DevOps teams to integrate security testing into the CI/CD pipeline and ensure vulnerabilities identified by these tools are triaged and remediated effectively.

Provide guidance on interpreting scan results and prioritizing remediation efforts for application-level vulnerabilities.

Handling container security, ensuring base images are updated Cloud Security:

In-depth knowledge and hands-on experience with Microsoft Azure security services, specifically Microsoft Defender for Cloud, Entra ID and Azure Sentinel (SIEM/SOAR)

Proficiency in assessing and hardening Azure environments, including IaaS, PaaS, and network security configurations.

Defining and enforcing policies for Terraform, ARM templates, or Bicep. Infrastructure Vulnerability Management:

Proactively manage and conduct regular vulnerability assessments and remediation efforts for our infrastructure using Microsoft Defender for Cloud

Ensure continuous security posture management for cloud and hybrid environments, identifying misconfigurations and security weaknesses.

Work with relevant teams to prioritize and implement recommended security controls and patches identified through Defender for Cloud., + CISM (Certified Information Security Manager)

AZ-500 (Microsoft Certified: Azure Security Engineer Associate)

CySA+ (CompTIA Cybersecurity Analyst+)

CEH (Certified Ethical Hacker) Other Responsibilities:

Work with Security team on other technical security related issues.

Maintain security tools and software

Consult with developers on application security

Manage security ticketing system