DevSecOps Engineer

Job Description :Please have a look on below mentioned job details and let me know if you are interested. Kindly send this details to your friends and co-workers those who are into this technology. I would really appreciate for your support   Job description: TSYS is in a mission to digitize the Payment Technology with innovations using cutting edge Technologies. We are constantly on the look for the next big thing – and are continuously innovating.  We are looking for motivated DevSecOps engineers and architects with a passion in creating and enhancing innovative products to help our customers with digitizing their financial technology infrastructure.     Summary of This Role: Our DevSecOps Engineer/Architect provides security solutions, risk analysis, application security patterns, threat mitigation guidelines, and incident response for the entire Product. He/She works with Info security teams as a representative for the entire product stack and addresses the Security elements proactively from ideation phase thru roll out.  Candidate ideally is someone with an excellent understanding of networking protocols, and system architecture of popular tech stacks on front end, back end, data repositories and cloud.  As a part of continuous improvement, the candidate is expected to use the feedback from security/vulnerability analysis tools into platform improvements.      What Part Will You Play? Working with Infosec teams and Product Owners to achieve alignment between information security and business change objectives Architecting, designing and providing implementation patterns of security controls throughout solution delivery lifecycle. Design and develop generic security patterns and guidelines to enable applications stay compliant - integrate them Application and DevOps processes and CI/CD pipelines from early stages of the lifecycle  Evaluate and onboard security tools such as RASP, WAF, SAST, vulnerability and open source scanning into the DevSecOps life cycle for multiple tech stacks    What Are We looking for in This Role? Experience working in an agile, DevOps/DevSecOps environment B.S or M.S in Computer Science or other related engineering fields 3+ years of experience working in a Software Engineering role with a solid foundation in programming, algorithms, and software application design 2+ years of experience working in a Security role handling on premise and cloud infrastructures 3+ years of experience with security testing at scale by building and implementing static and dynamic analysis tools, integrating security into CI/CD workflows for every day deployments Experience with Kubernetes, AWS, SaltStack, Docker, and Kafka. Experience converting feedback from security analysis tools (Threat Stack, Amazon Inspector, etc.) into infrastructure improvements   Preferred Qualifications Hands-on experience with tools and technologies used throughout secure SDLC such as AppScan, Fortify, Veracode, WhiteSource etc. Knowledge of common software and web application security vulnerabilities crypto primitives, authentication protocols and authorization standards such as SSL/TLS, OAuth, JWT tokens etc. Knowledge of cryptographic principles and practice, security attack vectors and application security vulnerabilities such as SQL Injection, Cross Site Scripting, CSRF etc.   What Are We Looking For in This Role? TSYS Minimum Qualifications BS in Computer Science, Information Technology, Business / Management Information Systems or related field Typically minimum of 6 years - Professional Experience In Coding, Designing, Developing And Analyzing Data.  Typically has an advanced knowledge and use of two or more opposing front / back end languages / technologies from the following but not limited to; two or more modern programming languages used in the enterprise, experience working with various APIs, external Services, experience with both relational and NoSQL Databases   Remarks: - New position - Not remote - Flexible work hours Describe how this position fits in your organization. On Digital Innovation Team What are the 3-4 non-negotiable requirements on this position? Application Security: OAuth 2.0, JSON Web Tokens, GCP Cloud Endpoints and Cloud Key Management Service Understanding in-house enterprise app security guidelines and liaising with enterprise security team to secure in-network applications deployed on PCF. What are the nice-to-have skills? Experience with rigorous performance management