Job Description:

Description

Job Description:

*National Opportunity - open to candidates located throughout the contiguous United States*

Are you up to the challenge? At ePlus, we engineer transformative technology solutions for the most visionary companies in the world. This takes imagination, relentless client service, and the tenacity to enable our clients to achieve their visions. Our partnerships with leading edge technology manufacturers-many of which look to us for their own technology infrastructure needs-keep us immersed across the broad spectrum of the IT ecosystem.

As a Senior Cloud Security Engineer, you will be responsible for defining, planning, designing, and implementing cloud and application security solutions for our clients. You will be responsible for understanding complex security needs and managing research, requirements gathering, policy definition, design, build, solution development for ePlus customer cloud and application security needs.

From strategy to fulfillment to managed services, our engineering centric solutions enable our clients to realize what it means for technology to do more.

Job Responsibilities:

• Provide detailed security review reports to developers and other stakeholders;


• In-frequent travel required to other office or client locations;


• Keep up with development and security trends in the industry and in the technology sector in general;


• Develop new standards and process for DevSecOps in a Continuous Integration / Continuous Delivery (CICD) environment;


• Guide secure coding practices and processes;


• Perform the installation, management, control and upgrades of selected SDLC tool suites for clients;


• Evaluate and maintain SAST, IAST, SCA and DAST tools for automated scanning during the development process;


• Guide secure architecture and secure product designs (Threat Modeling);


• Support development teams and stakeholders in technical analysis of tool outputs;


• Provide guidance on secure software development at all stages of the SDLC -Including architecture and design reviews prior to start of development;


• Lead the product teams through the SDLC;


• Lead, perform, and guide Penetration Testing on internal and external applications using a range of products;


• Assist the other members of the security team during testing and all purple team exercises.

Job Knowledge/Skills:

• Excellent customer service skills, both in-person and over the phone;


• Excellent presentation, communication and documentation skills;


• Strong business understanding particularly mapping requirements to business outcomes;


• Strong teaming/collaboration skills;


• Demonstrated Leadership capabilities;


• Ability to think on your feet and come up with solutions quickly;


• Ability to multi-task and thrive on a small team in a fast-paced environment;


• Strong engineering skills with attention to detail;


• Experience with cloud computing and infrastructure (AWS, GCP, Azure, VMware, OpenStack, etc.);


• Knowledgeable in security aspects of applications; TCP/IP, and other internet protocols; and high- and low-level debugging;


• 10+ years application security experience; or 10+ years software engineering experience including some application security experience;


• In-depth knowledge of one or more of the following: Java, Python, JS/Node, PHP, C#, YAML, JSON


• Experience in securing solutions in the cloud;


• Team player who can work with a wide variety of personalities across remote locations;


• Networking knowledge and experience;


• Thorough understanding of authentication/authorization principles;


• Knows the OWASP top 10 and the CWE 25;

Your Corporate Responsibilities:

Internal Control responsibilities vary by role and are subject to change. Please discuss your individual internal control responsibilities with your immediate supervisor on a regular basis.

• Handle confidential matters and information professionally


• Conduct business in a professional, competent and ethical manner


• Adhere to corporate policies and procedures

Education and Experience:

• 10+ years of hands-on experience in IT


• 5+ years of experience performing a Consultant or Architect role


• 5+ years in IT/Application security


• 4-year college degree preferred


• Multiple industry-recognized Certifications. i.e.: AWS Security Professional, MS Azure Architect, CISSP, etc.

Physical Requirements of Position:

Ability of finger dexterity to be used primarily to make small movements such as typing, picking up small objects or pinching fingers together. Movements frequently and regularly required using the wrists, hands and / or fingers. Speech ability must be at a level where one must convey detailed or important instructions or ideas accurately, loudly or quickly. Hearing ability must be at a level to hear average or normal conversations and receive ordinary information. Visual ability must be average with ordinary visual acuity necessary to prepare or inspect documents or products, or operate machinery. Physical strength for sedentary work with sitting most of the time. May have to exert or lift up to 10 - 20 pounds of force occasionally and active work that could include climbing a ladder and using power tools.

ePlus is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ePlus promotes affirmative action for minorities, women, disabled persons, and veterans.

I understand that the job description is for informational purposes only and is neither an express nor an implied contract of employment.

Qualifications

BehaviorsInnovative - Consistently introduces new ideas and demonstrates original thinking
Team Player - Works well as a member of a group
Detail Oriented - Capable of carrying out a given task with all details necessary to get the task done well
MotivationsGrowth Opportunities - Inspired to perform well by the chance to take on more responsibility
Flexibility - Inspired to perform well when granted the ability to set your own schedule and goals
Ability to Make an Impact - Inspired to perform well by the ability to contribute to the success of a project or the organization
Skills

Strong communication/interpersonal skills (preferred)

Strong knowledge of IT solutions (preferred)

Able to work well in a fast-paced environment (preferred)

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c) Apply Now