Senior Cloud Security Engineer

Job Description:

The client is looking for a Senior Cloud Security Engineer to perform SAST, DAST, and SCA using tools like Veracode and Sonatype. Expertise in CI/CD pipeline integration, cloud security (AWS, Azure, Google Cloud Platform), and container security (OpenShift, Prisma) required. Strong knowledge of secure coding practices and ability to conduct penetration testing, threat modeling, and vulnerability remediation.

Responsibilities:

• Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) using tools like Veracode and Sonatype.
• Analyze open-source vulnerabilities, assess residual risks, and recommend remediation strategies.
• Integrate security into CI/CD pipelines using tools like Jenkins, Tekton, GitLab, or Bamboo.
• Secure container environments using platforms such as ROSA, OpenShift, Prisma, or Aqua Security.
• Conduct security assessments for web applications, APIs, and cloud-based systems (AWS, Azure, Google Cloud Platform).
• Provide operational support for container security tools and validate baseline container images.
• Develop and maintain secure coding practices across applications using Java, C#.NET, JavaScript, or similar languages.
• Evaluate, prioritize, and address vulnerabilities identified through automated tools and manual testing.
• Foster a security-first mindset by training developers and promoting secure coding practices.
• Design and implement cloud based DevSecOps processes, ensuring compliance with security best practices and business requirements.
• Conduct threat modeling, code reviews, and penetration testing to identify and mitigate risks.
• Prepare and present security findings and recommendations to stakeholders at all levels.

For immediate consideration, reach out to Vandana reddy Vemula via LinkedIn.

Candidates needs to have:

• 5 years of experience in application security, penetration testing, or secure software development.
• Strong knowledge of DevSecOps tools and processes (GitLab/GitHub, Jenkins, Docker, Kubernetes, SonarQube).
• Proficiency with cloud security (AWS, Azure, Google Cloud Platform) and frameworks (AWS Well-Architected, TOGAF).
• Expertise in static and dynamic analysis tools (e.g., Veracode, Sonatype, Fortify, Coverity).
• Deep understanding of OWASP Top 10, API security, and vulnerability risk assessments.
• Strong troubleshooting skills for cloud and container security issues.
• Excellent written and verbal communication skills with a proactive mindset.

Preferred Skills:

• Certifications: AWS Cloud Practitioner, CISSP, or equivalent cloud security certifications.
• Hands-on experience with ethical hacking and exploiting vulnerabilities in applications.
• Extensive knowledge of integrating secure coding techniques in software development.

Key Skill:

• Cloud security (AWS, Azure, Google Cloud Platform)
• DevSecOps processes and tools
• CI/CD pipeline integration
• Application and API security testing
• Vulnerability and risk assessment
• Container security (e.g., OpenShift, Prisma, Aqua)
• Secure coding practices

Small Enough to Know. Large Enough to Serve You.

GNRSystems Inc. is an IT products and services company specializing in mission critical, value-based, IT services and solutions for businesses worldwide. With more than two decades of growth and unparalleled expertise spanning the tech spectrum, GNR sets a new benchmark for IT consulting.

At GNRSystems, our main goal is to provide strong people centric culture, helping people to realize about their potential in terms of personal and professional growth in order to work with a purpose. We believe in building strong partnership-based relationships and deliver high performing team with exceptional customer service.

Applicants for U.S. job positions must have legal authorization to work in the United States. W2 contractors are eligible for a range of benefits, including medical, vision, dental, life, and disability insurance. For more details, visit

2024 GNRSystems Inc. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking "Apply Now," you're agreeing to GNRSystems Inc. Terms of Use.