Your Job

As the DevOps Security Engineer, you will be dedicated to strengthening and expanding our application security posture. You will collaborate closely with development, engineering, product, and other teams during every stage of the software development lifecycle (SDLC). Your insights will influence broader security initiatives throughout the organization.

Our Team

Reporting to the Manager of Cyber Security, this position is crucial in molding the future of security at Georgia-Pacific. The candidate will be part of a larger team developing a comprehensive Vulnerability Management, Audit & Assurance capability.

What You Will Do

  • Developer Collaboration: Partner with development teams to embed security standards and best practices into their workflows.
  • Vulnerability Management: Identify web application vulnerabilities, prioritize and risk adjust findings, consult on mitigation strategies, and ensure timely resolution.
  • Security Training: Design and deliver training sessions to developers and stakeholders on secure coding practices, threat modeling, and risk assessment.
  • AST Platform Management: Revamp our AST (Snyk) platform. Collaborate with developers to address findings and minimize false positives.
  • Code Review and SDLC Integration: Lead proactive code reviews to pinpoint vulnerabilities, while refining and incorporating the Secure Development Lifecycle into our engineering processes.
  • Consultation: Offer specialized application security guidance on projects, system issues, and during stakeholder meetings.
  • Monitoring: Assist in developing and maintaining an ongoing security assurance program, including development of appropriate scripts and monitoring capabilities to verify security effectiveness, analyze data, develop trend analysis, and ensure compliance with existing standards, policies, and procedures.
  • Audit: Conduct technical security risk assessments with internal and external resources as needed.

Who You Are (Basic Qualifications)

  • Experience in application security or software development. Proficiency in testing and identifying web application vulnerabilities.
  • Strong technical acumen with AWS infrastructure security, Microsoft security & core infrastructure components (virtualization, server management, Active Directory and identity & access management).
  • Hands-on experience with leading AST SaaS solutions (Synopsys, Snyk, Veracode, etc.).
  • High-level software development capabilities, including scripting, functional programming, familiarity with code repositories, and deploy pipelines.
  • Working knowledge of network security, firewalls and remote access technologies.
  • Hands-on experience in aggregating data from various sources for security analysis & reporting in one or more of these technologies (scripting, SQL, PowerShell, Python, .NET, Java, JavaScript, Go).
  • Provide guidance on relevant application security industry standards and practices such as OWASP, ASVS, CIS, SANS, CWE, etc.

What Will Put You Ahead

  • AWS Certified Solutions Architect or comparable certification.
  • Hands-on experience analyzing code for security vulnerabilities; SOC experience.

At Koch companies, we are entrepreneurs. This means we openly challenge the status quo, find new ways to create value and get rewarded for our individual contributions. Any compensation range provided for a role is an estimate determined by available market data. The actual amount may be higher or lower than the range provided considering each candidate's knowledge, skills, abilities, and geographic location. If you have questions, please speak to your recruiter about the flexibility and detail of our compensation philosophy.

Who We Are

At Koch, employees are empowered to do what they do best to make life better. Learn how our business philosophy helps employees unleash their potential while creating value for themselves and the company.

Confirmed 18 hours ago. Posted 30+ days ago.