Remote
Citizens Bank

Title: Cloud and Container Cyber Security Specialist

Full-time

Description

The successful applicant will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands-on and technical. You will be the Subject Matter Expert (SME) within the team for all matters Cloud and Container Security respective to Vulnerability & Attack Surface Management.

Primary responsibilities include:

  • Managing, maintaining, and supporting our Container Security Vulnerability tool(s) to include managing the output and working hands-on with the DevOps and Infrastructure teams to drive remediation
  • Supporting the building, production and maintenance of metrics associated with the container security program
  • Guiding development teams in best practices across all stages of the SDLC
  • Monitoring and responding to Open Source Software weaknesses and exposures
  • Evangelizing and driving Cyber Security inside the company
  • Building a very close working relationship with DevOps, cloud engineering, application development, and QA teams.
  • Performing research and develop whitepapers/presentations/etc. regarding application security
  • Developing and updating security patterns & user stories aligned with security requirements

Location is not a barrier for this role and while our preference would be to have a chosen candidate with onsite capabilities in one of our corporate headquarters – we are open to remote employment within the United States for an experienced candidate.

Qualifications

Required Skills/Experience:

  • 5 years of strong applicable security experience
  • Solid understanding of Cloud platforms such as AWS, Azure, and GCP
  • Experience with container orchestration technologies such as Docker, Kubernetes, Mesos, Openshift
  • Hands-on experience with Agile, DevOps and DevSecOps methodologies is a plus
  • Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions
  • Understanding of Infrastructure as Code
  • Experience moving to a DevOps / DevSecOps environment
  • Experience with agile development and CI/CD pipelines
  • Experience with container / orchestration tools
  • Knowledge of CloudFormation / Terraform
  • Hands on experience AWS / Windows / Linux Security
  • Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…)
  • Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight
  • Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats

Education, Certifications and/or Other Professional Credentials:

  • Bachelor’s degree required
  • Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred

Hours & Work Schedule

  • Hours per Week: 40
  • Work Schedule: Monday-Friday 8:00AM – 5:00PM

Job Type: 1st Shift
C: 8.33