Cargill Business Services - Security DevOps Engineer - AWS/Azure (8-14 yrs)
Job Description :
Cargill provides food, agriculture, financial and industrial products and services to the world. Together with farmers, customers, governments and communities, we help people thrive by applying our insights and over 150 years of experience. We have 155,000 employees in 70 countries who are committed to feeding the world in a responsible way, reducing environmental impact and improving the communities where we live and work.
Position Purpose & Summary :
- The Dev / Sec / Ops Engineer is a key member of the Technology Governance Risk and Controls (TGRC) Security Architecture team which is responsible globally for both security architecture and Cargill's Cloud Security Program.
- This position will leverage their security and dev/sec/ops experience to manage risk for both cloud and on premises environments using innovative solutions that you create.
- The ability to develop working prototypes through to production software implementing detective, responsive, and preventative security controls that implement security reference architecture insures a large impact the security of Cargill.
- Use big data technologies such as machine learning and visualization technologies to communicate compliance and alert risk. Use threat modeling and pen testing techniques to inform security architecture and security controls.
- This position will operate in an agile team environment so close collaboration with the team is valued.
- The responsibilities include but are not limited to: developing POC's and production ready security API's and detective controls using serverless and other hosting technologies, apply pen testing concepts to enable test suites, and work with other teams in TGRC and across Cargill as a security consultant for key initiatives.
- Success will be measured by enabling teams to implement a secure application environment that allows them to automate development lifecycle and operate in an agile manner.
Principal Accountabilities :
- Write high quality testable code that enables risk mitigation and alerting.
- Develop and leverage security knowledge to provide detective, responsive, and preventative security controls to Cargill's cloud and on premises environments.
- Develop and leverage your understanding of penetration testing to insure developed security controls are comprehensive and robust.
- Enable a continuous compliance framework using developed security controls.
- Consult with other teams within TGRC, Digital Labs, and Cargill Businesses to automate security and enable their success by providing a secure compute environment.
- Enable the adoption of innovative technologies (Cloud, Mobility, and Big Data, etc.) by enabling an integrated security architecture.
- Collaborate with your team in an agile working environment in the office and/or remotely.
- Considered an SME in one or more of the following areas: Cloud, Secure Software Development Lifecycle, Penetration Testing, Mobility, Identity & Access Management, Network security.
80% Governance :
- Align information security objectives to external regulations, E.g. privacy, etc.
- With colleagues, lead the definition, creation, and maintenance of key metrics and reporting on risk, capabilities, and compliance.
10% Operations :
- Provide on call support coverage for security tools and controls per on call rotation.
- With colleagues, own the effort Insure bugs are engineered out of the environment, keeping security controls running, eliminating business impact and after-hours support. 10%
Education, Experience, Skills :
Required Qualifications :
- Bachelor's degree in relevant area (e.g. Computer Science, Computer Engineering, Electrical Engineering, etc.)
- 10+ years of IT work experience.
- 1+ years security experience
- 1+ years DevOps or SecOps experience
- 1+ years working with public cloud platforms such as AWS and Azure and solid understanding of design principles and security architectures.
- Solid understanding of application security threats (e.g. OWASP Top 10, etc.)
- Deep knowledge of one or more security technologies such as IAM/Federation, Next-gen FW, PKI, SIEM, access control, DLP, DRM, IPS, etc.; and how security technologies support an overall security program.
- Demonstrated initiative and drive to solve complex development and security challenges.
- Demonstrated ability to influence, adapt to adversity, and drive for results (resilient)
Preferred Qualifications :
- 1+ years pen testing experience.
- Experience with big data tools and technology (e.g. ELK stack, ML, etc.)
- Experience working in an agile team environment.
- Industry security and cloud certifications (e.g. CCSP, CISSP, CEH, AWS/Azure)
Job : Information Technology
Primary Location : India-KA-Bangalore
Schedule : Full-time
Job Type : Standard
Shift : Day Job