Security Controls Engineer
Role details
Job location
Tech stack
Job description
-
Design and develop custom security controls based on threat modelling outputs
-
Build:
o Detective controls using Python-based frameworks o Preventative controls using OPA/Rego policies
-
Extend and enhance existing security control frameworks
-
Develop and maintain:
o Automated unit tests o Behavioral (BDD) test cases
-
Integrate controls into CI/CD pipelines for continuous validation
-
Collaborate with:
o Threat modeling teams o Cloud architects o Security SMEs
Requirements
This is a development-heavy role. Candidates must demonstrate strong coding capability. Security experience is required, but coding proficiency is mandatory.
-
Minimum of 3-5 years of experience in DevSecOps engineering with a focus on cloud environments (AWS, GCP, Azure), ideally working within a security program.
-
Strong software engineering background - proficiency in software testing methodologies and tools.
-
Advanced proficiency in Python - proficiency with Python and Terraform for testing, automation and custom tool development.
-
Proficiency with:
o API integrations and backend development o Writing scalable, maintainable code
- Hands-on experience with:
o Automated testing frameworks (Python) o CI/CD pipelines
-
Experience with cloud-native development and architecture, leveraging services and tools specific to AWS, GCP, and Azure.
-
Experience with detection engineering: detection-as-code practices, developing and maintaining detection rules
-
Hands-on experience with Open Policy Agency (OPA) for policy enforcement
-
Proficiency in DevOps tools and practices
-
Experience with SIEM query languages such as Splunk SPL, YARA rules, etc., Qualifications : BACHELOR OF COMPUTER SCIENCE
Benefits & conditions
(part of Tata group) 3.93.9 out of 5 stars Irving, TX $100,000 - $150,000 a year