Q2 Software is seeking an Application Security Engineer (DevSecOps) who is passionate about securing innovative products that scale to 400+ financial institutions. You will interact with stakeholders across Engineering, QA, DevOps, IT, Operations, and Product Management. If you enjoy working in a highly collaborative environment and approach every day with a burning passion to build highly scalable, resilient, and secure systems, then Q2 wants you!
* Design and implement Public Cloud Security architectures in AWS, Azure, and on-premise datacenters
* Design and implement Security Automation tools for testing, monitoring, and reporting
* Design and implement Security Integrations within a CI/CD pipeline
* Incorporate Security products and processes into existing and new systems
* Bake Security controls into Engineering and DevOps pipelines (e.g., build automation and configuration management)
* Participates in code and design reviews
* Ensures the integrity of Q2 software by training, implementing and monitoring practices on Q2's Secure Software Development Life Cycle Policy
* Trains engineers on OWASP top 10, best practices, and secure coding principles
EXPERIENCE & KNOWLEDGE:
* Bachelor's degree in Computer Science, Engineering, Computer Security, Information Systems, or related field.
* 3+ years' of related security experience
* Experience with REST-style web services / APIs
* Linux or Windows System Administration experience.
* Automation and scripting via PowerShell, Python, Perl, or Bash.
* Configuration management (Ansible, Chef, and/or Puppet).
* Implemented Security solutions in public clouds (AWS, Azure, and/or Google)
* GWAPT, GSEC, CEH