RESPONSIBILITIES:
Kforce has a client in Austin, TX that is seeking a Security Staff Engineer. Our client is looking for a Security Staff Engineer to join their Cloud Native Security Team! This is a 12 month contract position with possibility for extension or conversion, and it is fully remote. In this position as a Security Staff Engineer, you will be supporting the DevOps community enabling shift-left and secure-from the start configuration capabilities and to extend visibility and protection to the clients cloud native workloads. The Security Staff Engineer builds strong partnerships with members of matrix teams inside, and importantly, outside of the cybersecurity organization. As a Security Staff Engineer and being an integral part of the Cloud Native/DevOps community advances the mission of helping product teams deploy securely from the start and on the operational Cybersecurity side, advances the mission of having a constant pulse on the current security posture of and active attacks against the running services in the environment. Additional duties:
Kubernetes
Docker
Information Security
Platforming
Computer Networking Systems
Kforce has a client in Austin, TX that is seeking a Security Staff Engineer. Our client is looking for a Security Staff Engineer to join their Cloud Native Security Team! This is a 12 month contract position with possibility for extension or conversion, and it is fully remote. In this position as a Security Staff Engineer, you will be supporting the DevOps community enabling shift-left and secure-from the start configuration capabilities and to extend visibility and protection to the clients cloud native workloads. The Security Staff Engineer builds strong partnerships with members of matrix teams inside, and importantly, outside of the cybersecurity organization. As a Security Staff Engineer and being an integral part of the Cloud Native/DevOps community advances the mission of helping product teams deploy securely from the start and on the operational Cybersecurity side, advances the mission of having a constant pulse on the current security posture of and active attacks against the running services in the environment. Additional duties:
- Delivers targeted training to Developers/DevOps/SRE stakeholders on the capabilities and value-add of the CNS services stack
- Delivers targeted training to Security Operations staff on the capabilities and value of the CNS stack
- Intermediate to Advanced knowledge of Cyber Security principals
- Ability to collect, analyze, and report/present these metrics for consumption of partners, teammates, and leadership in the support of making key decisions in the environment in the short and long term
- Ability to develop and deliver training to stakeholders/partners including coaching and developing junior engineers and operators to take on increasing workloads as you increase your depth of knowledge and skills
- Basic understanding of Cybersecurity Governance patterns
- Operating System fundamentals - preferably in the Linux space, but deep Windows skills are workable
- Internetworking fundamentals
- System Virtualization and Serverless Computing fundamentals
- Specific knowledge of Cloud Native landscape, components, and maturity
- Experience, exhibited knowledge of containers, serverless, microservices architectures, including technologies such as Docker, container orchestration platforms (Kubernetes, etc.), and Cloud Service Provider serverless.cloud functions offerings
- Intermediate to Advanced scripting/automation skills
- Preferred skill in Python; Powershell is desired
- CIA Triad
- Threat Detection and Response (Runtime)
- Malware Prevention and Detection
- Advanced Persistent Threats
- Indicators of Attack (IOAs)
- Indicators of Compromise (IOCs)
- Basic Data Security principals - encryption in flight, encryption in place, DLP fundamentals
- CWPP vs. CSPM
- Previous Cloud Workload Protection Platform (CWPP) experience:
- Palo Alto Prisma Cloud Compute (formerly twistlock)
- AquaSec
- Wiz
Recommended Skills
MicroservicesKubernetes
Docker
Information Security
Platforming
Computer Networking Systems