What are the responsibilities and job description for the Security Engineer - Architecture and Engineering position at Capgemini?
- Conduct security architecture and design reviews of high impact applications including both internally developed applications and 3rd party managed applications.
- Lead in-depth security assessments of complex workflows spanning multiple applications, performing and/or coordinating multiple security assessment workstreams such as threat modeling, penetration testing, DAST scanning, and code review.
- Review output from Dynamic Application Security Testing (DAST) tools and provide feedback on results.
- Evaluate the security posture of cloud environments through manual review and automated tooling. Review output from Cloud Security Posture Management (CSPM) tools. Provide guidance to stakeholders on approaches to remediating identified issues.
- Conduct hands-on security testing of web, mobile applications and cloud-based services. Be capable of identifying traditional application-level issues such as injection, authentication and misconfiguration vulnerabilities, but also identify vulnerabilities that lead to bypass of security controls.
- Participate in proof of concepts and other technical evaluations of technologies, designs, and solutions and provide security requirements and recommendations.
- Partner with various teams across the Client organizations to influence sound strategies to define our practice, disciplines, and products.
- Threat Intelligence: Stay up to date with the latest security threats, vulnerabilities, and industry trends. Leverage threat intelligence to proactively enhance security measures.
- Security Awareness: Promote security awareness and training, educating developers and operations teams about secure coding, configuration management, and other security-related topics.
- Remain current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS), regulatory requirements, and certification on common toolsets used in the Studios.
Required Competencies
- 3-5 Years of experience in cybersecurity and cloud infrastructure engineering/architecture with BS degree in Information System Management / Computer Science / Information Security or a related technical discipline.
- In-depth knowledge of public cloud such as AWS, Azure and GCP. Experience with securing AWS workloads is required.
- Proven ability to analyze and assess complicated application architectures and workflows to identify risk.
- Significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, cloud and infrastructure.
- Detailed understanding of network technologies including routers, switches, load balancers, firewalls, proxies, etc.
- Familiarity with identity and access management integrations (such as Active Directory, Okta, Auth0, SAML, OIDC).
- Knowledge of RESTful web services (client-server application).
- Familiarity with CI/CD principles, tools and services. Hands-on experience implementing SAST, DAST, SCA tooling is a plus.
- Experience securing a microservices environment, along with demonstrable knowledge of container technologies such as Kubernetes and Docker and securing such environments.
- Experience with one or more programming or scripting languages, e.g. PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.
- Proven experience securing large-scale, highly available security solutions is required.
- Relevant security certifications such as OSCP, ISC2 CISSP, AWS Certified Security - Specialty, SANS, CEH, etc. are a major plus.
The pay range that the employer in good faith reasonably expects to pay for this position is $34.21/hour - $53.45/hour. Our benefits include medical, dental, vision and retirement benefits. Applications will be accepted on an ongoing basis.
Tundra Technical Solutions is among North America’s leading providers of Staffing and Consulting Services. Our success and our clients’ success are built on a foundation of service excellence. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable law, including the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Unincorporated LA County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: client provided property, including hardware (both of which may include data) entrusted to you from theft, loss or damage; return all portable client computer hardware in your possession (including the data contained therein) upon completion of the assignment, and; maintain the confidentiality of client proprietary, confidential, or non-public information. In addition, job duties require access to secure and protected client information technology systems and related data security obligations.
Salary: $34 - $53