Security Automation Engineer

Job Description

As a Security Automation Engineer, you will be part of our cybersecurity team to help design, enhance and build various security solutions in an agile development environment.

You will work with colleagues, who will support and challenge you daily. We believe in self-managing Agile teams who build products end to end focusing on unit testing, code reviews and continuous integration for excellent code quality. You are expected to work closely with architects, developers, testers, and our corporate IT security organization, to deliver security solutions using hands-on experience in security solutions and services. You need to be a self-starter, a quick learner of new technologies and have experience in product security such as secure application design, static code analysis and web/mobile application vulnerabilities, and penetration testing. You will be hands-on and a critical part of the engineering team for a high-performance product security automation framework development, evangelism, and maintenance.

Responsibilities

• The responsibilities of a Staff Security Engineer, Automation, plus;
• Drive the design, engineering, deployment, and maintenance of custom automation products
• Drive the technical direction and roadmap of the Security Automation program
• Drive the business value relation of metrics calculations for the Security Automation program
• Represent the Security Automation team across GitLab as a subject matter expert in technology, development, and automation concepts
• Work in a leveraged manner influencing other organizations and teams across GitLab with secure automation approaches and a focus on problem solving with automation

Requirements

• 10 years previous experience on a Security Operations, Software Development, Automation team, or relevant education
• Excellent written and verbal communication skills
• Expert scripting/coding skills in one or more languages - Python, Ruby, and/or Golang experience a plus
• Expert understanding of Internet security issues, automation or software engineering technologies, cloud architectures, and threat landscape concepts
• Expert understanding of the Software as a Service (SaaS) model
• Experience leading efforts or managing automation or development teams working in the DevOps model
• Hands on experience architecting, automating, maintaining, and securing Cloud Computing Platforms - AWS / Azure/ GCP experience a plus.
• Provide core software development and test automation skills to build and improve security tools and automation platforms
• Installing, configuring, and maintaining a variety of open source and commercial software tools including web interface and dashboard technologies, application and messaging servers, and database technologies while working to optimize and streamline deployments
• Develop solutions for the automation, security, audit and compliance monitoring, and auto-remediation of common infrastructure and application components and services, with an eye towards developing visualization as well as self-service endpoints and capabilities
• Hands on experience in using SAST, DAST, SCA, Code Signing, Vulnerability management Tools.
• Experience in CI/CD, understanding of various CI/CD tools and frameworks like Azure DevOps (ADO) Jenkins, Maven, Hudson, Artifactory, Bamboo, Chef, Ansible, puppet

If you are interested in this position, please click "Apply Now" and we will review your qualifications & reach out to you for further discussion & next steps.

Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as notification that you have not been shortlisted.

EA Licence No: 11C5502
Registration No: R1876903