TIBCO
Location
Bangalore | India
Job description
As a Senior Product Security Engineer at ShareFile you will help build a culture of security through code and policy enforcement from code. We are looking to build a next generation Security function, power a startup like business with a global cloud footprint. We want to enable our engineers to deliver products safely to our customers. This is a highly critical space that is pivotal for the business to safely accelerate our engineering and product innovation and delivery to our customers.
Role Overview:
This role will be part of a wider Horizontal Services team responsible for our Platforms, SDLC, identity and security practices. you'll get a seat at the table as we design our solutions to enable our wider engineering and product organization, making sure we automate our way through security and policy. We want you to be an expert and help both protect our cloud estate and our teams to secure product we develop. you'll be part of our emerging Horizontal team in Bangalore, working closely with the engineering teams locally and working with your peers across the global security team.
Strategy:
Design, implement, and manage AWS-based solutions that integrate security measures through policy as code.
Collaborate with development and operations teams across the globe to embed security practices into the software development lifecycle.
Develop and maintain infrastructure as code (IaC) templates using tools like AWS CloudFormation or Terraform to enforce security policies, driven via CI/CD practices
Create and maintain security policies as code using frameworks like AWS CloudFormation Guard, Open Policy Agent (OPA), or similar tools.
Implement and automate security controls, such as identity and access management (IAM), encryption, network security, and compliance auditing.
Monitor and respond to security incidents, vulnerabilities, and threats in the AWS environment.
Perform security assessments, code reviews, and penetration testing to identify and remediate vulnerabilities.
Research and stay up-to-date with the latest AWS security best practices, tools, and technologies.
Mentor and guide junior members of the DevSecOps team, promoting knowledge sharing and skill development.
Incremental Delivery: Continuously deliver value to our internal customers through frequent releases of meaningful improvements to our systems.
Your Superhero Uniform Includes:
Bachelors/Masters in Computer Scient or equivalent field with 5+ years of experience in software development.
At least 3 years of experience in as a DevSecOps Engineer or similar role, with a focus on AWS.
Strong understanding of AWS services, architecture, and security best practices.
Proficiency in implementing security measures using policy as code tools and frameworks.
Experience with IaC tools such as AWS CloudFormation, Terraform, etc
Familiarity with scripting languages (eg, Python, Bash) for automation tasks.
Knowledge of industry security standards (eg, ISO 27001, NIST) and regulatory requirements.
Experience in designing and implementing automated testing procedures for security controls within the AWS environment.
Demonstrated ability to create automated remediation processes based on testing outcomes.
Excellent problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment.
Strong communication skills to interact with cross-functional teams across different time zones and articulate security concepts.
Experience with security testing and remediation frameworks.
Your Superhero Strengths Include:
Relevant AWS certifications (eg, AWS Certified DevOps Engineer, AWS Certified Security Specialty) would be a plus.
Experience with Tools such as Wiz and Harness, is a significant plus.
Job tags
Salary
