Mô Tả Công Việc
We are looking for a talented Cloud Security Engineer to work within our Assurance Chapter, with the Security Partner, to manage and improve the security controls posture of our platform by providing a detailed technical view to understand security threats and potential exposures.
DUTIES AND RESPONSIBILITIES
- Supporting the teams to achieve operating effectiveness by aligning and collecting evidence against controls
- Assisting Security Partners and Assurance teams to identify opportunities to automate evidence collection
- Providing technical advice to the teams for the correct implementation of security configurations such as Network policies, IAM, API authentication and other Cloud components
- Supporting the teams to design secure CI and CD pipelines
- Supporting the Security Partners in analyzing vulnerabilities and Pen-test findings that might affect non-application-code-specific bits of the solution
- Defining policies as code in assurance tooling
- Running proof of concepts for trying new security tools and implementations
- Working with other Security Engineers and Penetration Testers to help develop abuse cases and threat models
Yêu Cầu Công Việc
You are not expected to have 100% of these skills. At HCLTech, a growth mindset is at the heart of our culture, so if you have most of these things in your toolbox, we would love to hear from you.
*** Qualifications
- Bachelor’s or Master’s degree in Computer Science, Engineering or a related field
- At least 5 years of experience as a Cloud Security Engineer (GCP/AWS/Azure – any Cloud)
*** Must-have skills
- Appetite for learning and sharing new security and technical opportunities in a broad forum
- Applied knowledge of one or more security frameworks and standards
- A background in Cloud Engineering and a knowledge of security requirements for Cloud
- A knowledge of software development lifecycle, CI/CD tools and performing code reviews
- Ability to write policy and automation expressed as code
- Contribute to Vulnerability Management findings, triage and action recommendations
- Use research and analysis skills to identify new security automation opportunities
- Be able to consume and understand detailed security requirements
- Able to communicate effectively with security and non-security stakeholders to solve everyday problems
- Good command of English verbal communication
- Good mindset when working directly with customer (be adaptable with continuous changes in customer’s requirements)
*** Nice-to-have skills
- A background in financial services security and compliance
- Knowledge of the Google Cloud Platform (GCP) and Kubernetes
- Experience in designing controls for SaaS- and PaaS-based services
- Experience in the design and architecture of new software systems and integrations
- Strong development experience in languages such as Go, Java or the similar
- Design of reports for stakeholders, particularly around security posture and compliance
Hình thức
Quyền Lợi
• 18 paid leaves/year (12 annual leaves and 6 personal leaves)
• Insurance plan based on full salary + 13th month salary + Performance bonus
• Meal allowance of 730,000 VND/month
• 100% full salary and benefits as an official employee from the 1st day of working
• Medical benefit for employee and family
• Working in a fast-paced, flexible, and multinational working environment. Chance to travel onsite (in 53 countries)
• Free snacks, refreshment, and parking
• Internal training (Technical & Functional & English)
• Working time: 8:30 AM - 6:00 PM from Mondays to Fridays