Job Description

The Data Security Engineer IV will be responsible for architecture and hands on development of security frameworks used to support enterprise data encryption across on-prem and cloud platforms. 

Responsibilities and deliverables

• Design, develop, implement, and verify technical solutions that mitigate security issues.
• Encryption of sensitive data in different platforms (on-premise, Hadoop, AWS, Azure, etc.) using various encryption solutions for batch, streaming and API patterns.
• Development of the Data Vault framework to work in conjunction with encryption solutions.
• Threat Analytics frameworks using machine learning.
• Investigate and troubleshoot issues related to security and encryption and provide solution.
• Work with platform and DevOps teams to design security models and security test plans.
• Work with the CICD, DevOps and AppSec teams to implement static and dynamic application security testing in the CICD pipeline.

Basic Qualifications

• At least 7 year of development experience in Java.
• Solid knowledge in design patterns and data structure in Java.
• Quick learning, strong problem-solving, analytical and troubleshooting abilities.
• Prior experience with cloud infrastructure and security controls in AWS and Azure.
• Experience with CI/CD pipeline automation, containerization, etc.
• Knowledge of network, web  and application related protocols (TCP/IP, IPSec, HTTPS, SSL/TLS, JDBC, routing, switching, firewall).
• Knowledge of cryptography (AES 256, AES-CBC, AES-GCM, RSA, PKI SHA2, SHA3, pepper, salt, password storage, etc.)
• Solid foundation of security principals including process isolation, least privilege, defense in depth, simplicity and minimization.
• Customer focused, result oriented, self-motivated, and highly experienced in cross-group collaboration.
• Ability to lead and work with a team of DevOps and support engineers.

Preferred Qualifications

• Development experience in C/C++ and C#.
• Experience with one or more big data products, for example, Hadoop, Teradata, Databricks, and Snowflake.
• Prior experience with data security, security engineering and consulting.
• CISSP in good standing.
• Familiarity with OWASP top 10 web application security risks and mitigations.
• Experience in machine learning is a plus.