Senior Engineer - Application Security

Job Duties and Responsibilities

DISH is building out its Information Security program to support the business from an IT risk management standpoint. This initiative within the Information Security department aims to provide architectural guidance, setting up of standards, design and consult with various infrastructure and application teams in the enterprise.

The Sr Engineer  - Application Security will work closely with architecture peers across all of Information Technology and Cybersecurity to ensure that projects and new applications are secured in accordance with audit and policy requirements.

Responsible for end to end onboarding of applications with security standards and requirements 
Performs assessment of application architecture and design for security and provides recommendations to application teams as per DISH policies and standards
Creates technical standards and guidelines for secure application development and deployment
Articulation of consistent security principles and technology standards that guide design, engineering and deployment of secure products
Collaboration across Enterprise Architecture and Cybersecurity on pattern definitions that help mitigate security risks within the environment
Provides thought leadership using business communications, active collaboration, and leading cross-functional groups to deliver cybersecurity goals

Skills, Experience and Requirements

KNOWLEDGE, SKILLS & ABILITIES

Knowledge of security standards and technologies such as NIST, PCI, OWASP and hybrid/Cloud Security environments including container security, devsecops, proxy, firewalls, SIEM, UEBA etc.
Must have considerable security skills as well as DevOps skills around CI/CD and experience with leading industry technologies including Firewalls, WAF, Reverse Proxy, DMZ architecture, Application Security
Excellent communication and influencing skills, including the ability to simplify key messages, present compelling stories and promote technical and personal credibility with internal and external executives, and both technical and non-technical audiences
 

EDUCATION & WORK EXPERIENCE REQUIRED

8-10 years IT Experience with minimum 8 years in Cybersecurity areas: Cloud-native architectures, AWS, VPC, Security Groups, IAM, Docker, Encryption, HTTPS, TLS Certificates, API Gateway, Lambda, Egress proxies, PCI architectures, application security, domain segmentation, authentication, data protection, and automation of processes
Should possess one or more of the following certifications – CISSP, SANS GCIH, Vendor Certifications (CISO, Palo Alto, McAfee, IBM etc), AWS Certification(s) 
Experience in creating reference architectures, technical standards and design documents
Desirable
Experience in application development including microservices architecture 
Experience in implementing security for applications, infrastructure for cloud-based systems / applications in AWS
Bachelors degree in computer science or equivalent required

Benefits

Employee Stock Purchase
Term Insurance
Accident Insurance
Health Insurance
Training Reimbursement
Gratuity
Mobile and Internet Reimbursement
Team Outings