Security Automation Architect
Imperva is looking to hire a Security Automation architect
The role is a critical part of our Security Architecture and Automation team in Engineering Security group. Security Automation Architect will be working very closely with the leading architects, product, engineering and operation teams to provide automation tool expertise, recommendation for efficient integration of security tools into agile product development methodology and continuous improvement roadmap . This is a key position in the process of building the security culture in the product development organization by promoting innovative automation ideas and DevSecOps principles.
* Imperva is an analyst-recognized, cybersecurity leader—championing the fight to secure data and applications wherever they reside. Once deployed, our solutions proactively identify, evaluate, and eliminate current and emerging threats, so you never have to choose between innovating for your customers and protecting what matters most. Imperva—Protect the pulse of your business
- Lead the development and maintenance of Imperva’s security automation framework.
- Work with product development and DevOps teams to integrate security tools into DevOps pipeline.
- Define security automation best practices and processes.
- Conduct tools benchmarking, Identify tools, capabilities and configurations needed for efficient security automat
- Provide configuration baseline for selected automation tools.
- Define security automation tools KPI and metric
- Contribute to root-cause analysis of security findings.
- Define, design and implement automated security regression test suites.
- Work with different entities in the enterprise to ensure compliance with corporate security policies and regulations.
- Take an active part in the company architectural forums.
- Explore about relevant regional or information related regulations and their relevancy for the automation framework.
- Training and mentoring peers, dev and devops engineers.
Education and Experience:
- Sc in Computer Science, Software Engineering or Electrical Engineering with related specialization.
- Minimum 3 or more years of related work experience
- Relevant courses and certifications
Knowledge and Skills
- Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security
- Vast experience in DevOps environments and automating security controls into the CI/CD process
- Experience in Linux-based OS, containers and K8S.
- Ability to define problems, collect data, establish facts and draw valid conclusions and solutions
- Experience in working with software development groups and development executives.
- Advanced interpersonal skills, including conflict resolution, and virtual team management.
- Advanced communication skills catered to a wide variety of audiences. (e.g. written, verbal, presentation); mastery in English and local language
- Advanced multi-tasking, and prioritization skills
- Experience with public cloud environments and technologies, including Amazon Web Services (AWS) or other
- Understanding of Information Security including understanding of IT Security frameworks, policies, standards and technologies – ISO27001/SOX/PCI/SOC2 etc.