RH
Application & Cloud Security Engineer
RH, Washington, District Of Columbia, United States, 20001
Application Security Engineer
RH Information Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. A cloud security engineer at RH is expected to be strong in multiple domains and provide significant contributions to the IT Security team and to multiple groups throughout RH. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. Must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the RH IT Security team's work and constantly seek opportunities for process improvement. A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include projects, support, or other work as needed. Key Responsibilities Application security reviews Platform and cloud security reviews Secure architecture design Threat modeling Projects and research work as needed Security training and outreach to internal development teams Security guidance documentation Security tool onboarding, development & support Security metrics delivery and improvements Our Requirements 5+ years of information security team experience doing cloud engineering or software development work Bachelor's degree in computer science or equivalent Experience with AWS products and services Experience managing and supporting CSPM and CNAPP tooling (Wiz) Able to lead discussions around tooling and remediation for SAST/DAST and manual code reviews if necessary
RH Information Security is looking for an Application Security Engineer to help validate that our services, applications, and websites are designed and implemented to the highest security standards. You will be responsible for analyzing the security of applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios. A cloud security engineer at RH is expected to be strong in multiple domains and provide significant contributions to the IT Security team and to multiple groups throughout RH. Security engineers are expected to develop elegant solutions to complex business problems and apply appropriate technologies while following security engineering best practices. You are also expected to mentor more junior engineers and be a security thought leader for the organization. Must foster constructive dialogue and seek resolution when confronted with discordant views. Engineers in this role are expected to participate fully in the planning of the RH IT Security team's work and constantly seek opportunities for process improvement. A successful candidate will need a combination of troubleshooting, technical, and communication skills, as well as the ability to handle a mix of disparate tasks which may include projects, support, or other work as needed. Key Responsibilities Application security reviews Platform and cloud security reviews Secure architecture design Threat modeling Projects and research work as needed Security training and outreach to internal development teams Security guidance documentation Security tool onboarding, development & support Security metrics delivery and improvements Our Requirements 5+ years of information security team experience doing cloud engineering or software development work Bachelor's degree in computer science or equivalent Experience with AWS products and services Experience managing and supporting CSPM and CNAPP tooling (Wiz) Able to lead discussions around tooling and remediation for SAST/DAST and manual code reviews if necessary